chore: routine maintenance
This commit is contained in:
danny
parent
c45ba82b90
commit
c7743490a7
75 changed files with 1200 additions and 634 deletions
15
.sops.yaml
15
.sops.yaml
|
|
@ -18,10 +18,23 @@ creation_rules:
|
|||
- path_regex: system/dev/dn-lap/sops/secret.yaml
|
||||
key_groups:
|
||||
- age:
|
||||
- *dn_server
|
||||
- *dn_pre7780
|
||||
- *dn_lap
|
||||
- path_regex: system/dev/skydrive-lap/sops/secret.yaml
|
||||
key_groups:
|
||||
- age:
|
||||
- *skydrive_lap
|
||||
- *dn_pre7780
|
||||
- path_regex: system/dev/public/sops/dn-secret.yaml
|
||||
key_groups:
|
||||
- age:
|
||||
- *dn_pre7780
|
||||
- *dn_server
|
||||
- *dn_lap
|
||||
- path_regex: system/dev/public/sops/secret.yaml
|
||||
key_groups:
|
||||
- age:
|
||||
- *dn_pre7780
|
||||
- *dn_server
|
||||
- *skydrive_lap
|
||||
- *dn_lap
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
- [x] Hypridle
|
||||
- [x] Zen Browser
|
||||
- [x] Swaync (Notification Center)
|
||||
- [x] Swww (Wallpaper)
|
||||
- [x] Awww (Wallpaper)
|
||||
- [x] Ghostty (Terminal)
|
||||
- [x] SDDM (Display Manager)
|
||||
- [x] Fish (shell)
|
||||
|
|
|
|||
487
flake.lock
generated
487
flake.lock
generated
|
|
@ -8,11 +8,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1757826057,
|
||||
"narHash": "sha256-KE6kxoDme82jgmPUE67mvs/kjQBTfSxIuMufuEUSUSo=",
|
||||
"lastModified": 1762920604,
|
||||
"narHash": "sha256-60YEo8f+P50eu4iCL7DWD8NPEvwZl6nimSTsNPqi1cU=",
|
||||
"owner": "DACHXY",
|
||||
"repo": "actual-budget-api",
|
||||
"rev": "1c7a816cbfe17c5821b446b5582e88404cb23596",
|
||||
"rev": "eb107c928feb31e1162e25f59c08fabb1839ad90",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -100,6 +100,28 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"awww": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_2",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"rust-overlay": "rust-overlay"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1763732354,
|
||||
"narHash": "sha256-o1O5GCgdkehrvqqvwfX53TCiES8k+z9Ac1JKuIUZfwo=",
|
||||
"ref": "refs/heads/main",
|
||||
"rev": "880d590d0e6e337cb96428edbedae81283ebec19",
|
||||
"revCount": 1310,
|
||||
"type": "git",
|
||||
"url": "https://codeberg.org/LGFae/awww"
|
||||
},
|
||||
"original": {
|
||||
"type": "git",
|
||||
"url": "https://codeberg.org/LGFae/awww"
|
||||
}
|
||||
},
|
||||
"base16": {
|
||||
"inputs": {
|
||||
"fromYaml": "fromYaml"
|
||||
|
|
@ -121,16 +143,17 @@
|
|||
"base16-fish": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1622559957,
|
||||
"narHash": "sha256-PebymhVYbL8trDVVXxCvZgc0S5VxI7I1Hv4RMSquTpA=",
|
||||
"lastModified": 1754405784,
|
||||
"narHash": "sha256-l9xHIy+85FN+bEo6yquq2IjD1rSg9fjfjpyGP1W8YXo=",
|
||||
"owner": "tomyun",
|
||||
"repo": "base16-fish",
|
||||
"rev": "2f6dd973a9075dabccd26f1cded09508180bf5fe",
|
||||
"rev": "23ae20a0093dca0d7b39d76ba2401af0ccf9c561",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "tomyun",
|
||||
"repo": "base16-fish",
|
||||
"rev": "23ae20a0093dca0d7b39d76ba2401af0ccf9c561",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
|
|
@ -178,11 +201,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1759542305,
|
||||
"narHash": "sha256-ODiAXnQWTSSc0j2fkJ0JQBdjQktfcBTX//legwStGns=",
|
||||
"lastModified": 1763172111,
|
||||
"narHash": "sha256-QseFQKZgMq/kbHlrhfaNlwEyQ1H3J+UhnbgpAIEGpvA=",
|
||||
"owner": "caelestia-dots",
|
||||
"repo": "cli",
|
||||
"rev": "ebbd636b7962fa7fe41d406dcd1088958715161e",
|
||||
"rev": "d89c438284311e99148ece61054cd6f9bc8e8cb7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -200,11 +223,11 @@
|
|||
"quickshell": "quickshell"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1759890778,
|
||||
"narHash": "sha256-DzxhtmepaYmtDNI5LZUI6SroMn5XPV4wv8w83aVyeBo=",
|
||||
"lastModified": 1763256383,
|
||||
"narHash": "sha256-Vwct8SbZkfoTY0BbB0XVmXo5KsRIH4asV7QzXpjZ4b8=",
|
||||
"owner": "caelestia-dots",
|
||||
"repo": "shell",
|
||||
"rev": "7e878fd3731993ef693a163d17f03bf5415639a5",
|
||||
"rev": "58fe2962b6f515e879962953fcb4fcd9c8f39c32",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -219,14 +242,14 @@
|
|||
"home-manager": "home-manager",
|
||||
"jovian": "jovian",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"rust-overlay": "rust-overlay"
|
||||
"rust-overlay": "rust-overlay_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1760152188,
|
||||
"narHash": "sha256-k9sqEYgJ2QH257T4p6MeKCHLYi2k9XH7Cjv8LPrtuvY=",
|
||||
"lastModified": 1763732117,
|
||||
"narHash": "sha256-/zBu6slgHtkuFZFJ4ReKS3NO6rdwEv4KcaYADkz6KyA=",
|
||||
"owner": "chaotic-cx",
|
||||
"repo": "nyx",
|
||||
"rev": "3f06ccee77dcae294d48cf7741dd3647fc3613a7",
|
||||
"rev": "a34640558e83eb3ba0d52c52cb5ffd0465786e4b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -273,11 +296,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1758287904,
|
||||
"narHash": "sha256-IGmaEf3Do8o5Cwp1kXBN1wQmZwQN3NLfq5t4nHtVtcU=",
|
||||
"lastModified": 1763651264,
|
||||
"narHash": "sha256-8vvwZbw0s7YvBMJeyPVpWke6lg6ROgtts5N2/SMCcv4=",
|
||||
"owner": "nix-community",
|
||||
"repo": "disko",
|
||||
"rev": "67ff9807dd148e704baadbd4fd783b54282ca627",
|
||||
"rev": "e86a89079587497174ccab6d0d142a65811a4fd9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -321,11 +344,11 @@
|
|||
"flake-compat_2": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1747046372,
|
||||
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
|
||||
"lastModified": 1761588595,
|
||||
"narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
|
||||
"rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -353,11 +376,11 @@
|
|||
"flake-compat_4": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1696426674,
|
||||
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||
"lastModified": 1747046372,
|
||||
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -369,11 +392,11 @@
|
|||
"flake-compat_5": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1747046372,
|
||||
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
|
||||
"lastModified": 1696426674,
|
||||
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
|
||||
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -399,22 +422,6 @@
|
|||
}
|
||||
},
|
||||
"flake-compat_7": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1747046372,
|
||||
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-compat_8": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1751685974,
|
||||
|
|
@ -430,22 +437,6 @@
|
|||
"url": "https://git.lix.systems/lix-project/flake-compat.git"
|
||||
}
|
||||
},
|
||||
"flake-compat_9": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1747046372,
|
||||
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-parts": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": [
|
||||
|
|
@ -496,11 +487,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1759362264,
|
||||
"narHash": "sha256-wfG0S7pltlYyZTM+qqlhJ7GMw2fTF4mLKCIVhLii/4M=",
|
||||
"lastModified": 1762980239,
|
||||
"narHash": "sha256-8oNVE8TrD19ulHinjaqONf9QWCKK+w4url56cdStMpM=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "758cf7296bee11f1706a574c77d072b8a7baa881",
|
||||
"rev": "52a2caecc898d0b46b2b905f058ccc5081f842da",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -535,11 +526,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1759362264,
|
||||
"narHash": "sha256-wfG0S7pltlYyZTM+qqlhJ7GMw2fTF4mLKCIVhLii/4M=",
|
||||
"lastModified": 1760948891,
|
||||
"narHash": "sha256-TmWcdiUUaWk8J4lpjzu4gCGxWY6/Ok7mOK4fIFfBuU4=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "758cf7296bee11f1706a574c77d072b8a7baa881",
|
||||
"rev": "864599284fc7c0ba6357ed89ed5e2cd5040f0c04",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -742,7 +733,7 @@
|
|||
},
|
||||
"ghostty": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_2",
|
||||
"flake-compat": "flake-compat_3",
|
||||
"flake-utils": "flake-utils_3",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
|
|
@ -751,11 +742,11 @@
|
|||
"zon2nix": "zon2nix"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1760128918,
|
||||
"narHash": "sha256-2BAJkbGXebSCxbe4KHdtpH4optMmptw7Ibw1Bs23TPc=",
|
||||
"lastModified": 1763704826,
|
||||
"narHash": "sha256-Q2ArFuRzdNqR8gK0g2eBfnwwPWmiIIU4TPWa+xNHtqc=",
|
||||
"owner": "ghostty-org",
|
||||
"repo": "ghostty",
|
||||
"rev": "c5ad7563f92656ec02bd08856b46431f2e222e69",
|
||||
"rev": "5f3645433c0ba5910c7da1f25aaa07efc2c84b64",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -764,29 +755,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"git-hooks": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_6",
|
||||
"gitignore": "gitignore_3",
|
||||
"nixpkgs": [
|
||||
"neovim-nightly-overlay",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1759523803,
|
||||
"narHash": "sha256-PTod9NG+i3XbbnBKMl/e5uHDBYpwIWivQ3gOWSEuIEM=",
|
||||
"owner": "cachix",
|
||||
"repo": "git-hooks.nix",
|
||||
"rev": "cfc9f7bb163ad8542029d303e599c0f7eee09835",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "cachix",
|
||||
"repo": "git-hooks.nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"gitignore": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
|
|
@ -831,68 +799,23 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"gitignore_3": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"neovim-nightly-overlay",
|
||||
"git-hooks",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709087332,
|
||||
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "gitignore.nix",
|
||||
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hercules-ci",
|
||||
"repo": "gitignore.nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"gnome-shell": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1748186689,
|
||||
"narHash": "sha256-UaD7Y9f8iuLBMGHXeJlRu6U1Ggw5B9JnkFs3enZlap0=",
|
||||
"host": "gitlab.gnome.org",
|
||||
"lastModified": 1762869044,
|
||||
"narHash": "sha256-nwm/GJ2Syigf7VccLAZ66mFC8mZJFqpJmIxSGKl7+Ds=",
|
||||
"owner": "GNOME",
|
||||
"repo": "gnome-shell",
|
||||
"rev": "8c88f917db0f1f0d80fa55206c863d3746fa18d0",
|
||||
"type": "github"
|
||||
"rev": "680e3d195a92203f28d4bf8c6e8bb537cc3ed4ad",
|
||||
"type": "gitlab"
|
||||
},
|
||||
"original": {
|
||||
"host": "gitlab.gnome.org",
|
||||
"owner": "GNOME",
|
||||
"ref": "48.2",
|
||||
"ref": "gnome-49",
|
||||
"repo": "gnome-shell",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"hercules-ci-effects": {
|
||||
"inputs": {
|
||||
"flake-parts": [
|
||||
"neovim-nightly-overlay",
|
||||
"flake-parts"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"neovim-nightly-overlay",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1758022363,
|
||||
"narHash": "sha256-ENUhCRWgSX4ni751HieNuQoq06dJvApV/Nm89kh+/A0=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "hercules-ci-effects",
|
||||
"rev": "1a3667d33e247ad35ca250698d63f49a5453d824",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hercules-ci",
|
||||
"repo": "hercules-ci-effects",
|
||||
"type": "github"
|
||||
"type": "gitlab"
|
||||
}
|
||||
},
|
||||
"home-manager": {
|
||||
|
|
@ -903,11 +826,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1760061988,
|
||||
"narHash": "sha256-CeuMo7fjWm3XaoK+b1PGyaVIlE1GHudoxk9jrJFvfbY=",
|
||||
"lastModified": 1763416652,
|
||||
"narHash": "sha256-8EBEEvtzQ11LCxpQHMNEBQAGtQiCu/pqP9zSovDSbNM=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "c7f4214faca2f196c551b767c12a70bfa0614510",
|
||||
"rev": "ea164b7c9ccdc2321379c2ff78fd4317b4c41312",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -923,11 +846,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1760130406,
|
||||
"narHash": "sha256-GKMwBaFRw/C1p1VtjDz4DyhyzjKUWyi1K50bh8lgA2E=",
|
||||
"lastModified": 1763416652,
|
||||
"narHash": "sha256-8EBEEvtzQ11LCxpQHMNEBQAGtQiCu/pqP9zSovDSbNM=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "d305eece827a3fe317a2d70138f53feccaf890a1",
|
||||
"rev": "ea164b7c9ccdc2321379c2ff78fd4317b4c41312",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -1072,11 +995,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1760143196,
|
||||
"narHash": "sha256-UPKU7QXmJ8vJO59bGzT0UFhvncWb14odLJXzcvSu73U=",
|
||||
"lastModified": 1763732618,
|
||||
"narHash": "sha256-hvElpSNHbYSBsn/GoJV0RgAecpn3vcC5kJso34XqwJw=",
|
||||
"owner": "hyprwm",
|
||||
"repo": "hyprland-plugins",
|
||||
"rev": "f6dd103dfb12f8939bf8049ee35a2b3eb7564dc3",
|
||||
"rev": "57961d69ad9725986290c8c0f2b0d118b645daee",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -1248,11 +1171,11 @@
|
|||
"systems": "systems_5"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1760023949,
|
||||
"narHash": "sha256-fu0B4duamVdbkPio/czu1XhsPLRXUJpZLDrSk3nih4U=",
|
||||
"lastModified": 1761675634,
|
||||
"narHash": "sha256-Et1jNDB2d3e0b4okIKuyAMktECS+5hk+vMAA7X598ao=",
|
||||
"owner": "hyprwm",
|
||||
"repo": "hyprlock",
|
||||
"rev": "36ec73f166d9434a3f27c96c575198906f77644a",
|
||||
"rev": "98b86752fe4867bd14ef96a92ea788229af93130",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -1370,11 +1293,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1759815224,
|
||||
"narHash": "sha256-HbdOyjqHm38j6o5mV24i0bn+r5ykS+VJBnWJuZ0fE+A=",
|
||||
"lastModified": 1763453666,
|
||||
"narHash": "sha256-Hu8lDUlbMFvcYX30LBXX7Gq5FbU35bERH0pSX5qHf/Q=",
|
||||
"owner": "Jovian-Experiments",
|
||||
"repo": "Jovian-NixOS",
|
||||
"rev": "ee974f496a080c61b3164992c850f43741edcc52",
|
||||
"rev": "b843b551415c7aecc97c8b3ab3fff26fd0cd8bbf",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -1386,13 +1309,13 @@
|
|||
"lanzaboote": {
|
||||
"inputs": {
|
||||
"crane": "crane_2",
|
||||
"flake-compat": "flake-compat_4",
|
||||
"flake-compat": "flake-compat_5",
|
||||
"flake-parts": "flake-parts_2",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
|
||||
"rust-overlay": "rust-overlay_2"
|
||||
"rust-overlay": "rust-overlay_3"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1737639419,
|
||||
|
|
@ -1416,11 +1339,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1761893234,
|
||||
"narHash": "sha256-ePHBF/6fyfTSAMvAaES+LxaBIeW6weooAOXxqN1em0s=",
|
||||
"lastModified": 1763876586,
|
||||
"narHash": "sha256-bQ5KRepEVyvF81AlaLxn4IdFfzZJzBq221ix2Zmjtz4=",
|
||||
"owner": "dachxy",
|
||||
"repo": "nix-mail-server",
|
||||
"rev": "b8c26c666a14fcdf4d514c17a2362fc5d33c7358",
|
||||
"rev": "238e340ef58db602892e8cde114576612055520c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -1454,11 +1377,11 @@
|
|||
"spectrum": "spectrum"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1760115376,
|
||||
"narHash": "sha256-DCKRMxudVOddhA0AlDmRLeoUmPONkUBYv1MiK7mWbY8=",
|
||||
"lastModified": 1763429621,
|
||||
"narHash": "sha256-xJD3vjEdDP+/XKLgPAkaX44s2xuiAeOhCdjs2jrALY4=",
|
||||
"owner": "microvm-nix",
|
||||
"repo": "microvm.nix",
|
||||
"rev": "5103fad040940b6b01891ed44b1d8bebd71249c6",
|
||||
"rev": "c4e4a264da114c618251b17eb4c959f86376e530",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -1484,20 +1407,16 @@
|
|||
},
|
||||
"neovim-nightly-overlay": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_5",
|
||||
"flake-parts": "flake-parts_3",
|
||||
"git-hooks": "git-hooks",
|
||||
"hercules-ci-effects": "hercules-ci-effects",
|
||||
"neovim-src": "neovim-src",
|
||||
"nixpkgs": "nixpkgs_4",
|
||||
"treefmt-nix": "treefmt-nix"
|
||||
"nixpkgs": "nixpkgs_4"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1760168241,
|
||||
"narHash": "sha256-87aML9i/zVm5WSCEx59PUpCrpkLbXEqcLEFPNn5+2iE=",
|
||||
"lastModified": 1763683496,
|
||||
"narHash": "sha256-k20voxbsi+899PeXlvWpKU5tcgNYfNqC52rgrh+MOto=",
|
||||
"owner": "nix-community",
|
||||
"repo": "neovim-nightly-overlay",
|
||||
"rev": "d5ef90cf4577df3e3daef7e070d200cca64c889f",
|
||||
"rev": "1ddc8e956c8165df29735202b76bb0cfa827916d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -1509,11 +1428,11 @@
|
|||
"neovim-src": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1760105690,
|
||||
"narHash": "sha256-ZII7EvSnJueiV/a595uOsIdbWcXVWhO5pCvvJp2/mco=",
|
||||
"lastModified": 1763682595,
|
||||
"narHash": "sha256-/dUf5I0DyLvPgFzjJj0/lUHKZ2M1sVlbYCgudDabxIo=",
|
||||
"owner": "neovim",
|
||||
"repo": "neovim",
|
||||
"rev": "fafc329bbd1e15f9ab595568e8cd8b10295113dd",
|
||||
"rev": "a8b9660ca3452a27b68bf914f618df2d78b64180",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -1573,11 +1492,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1759637156,
|
||||
"narHash": "sha256-8NI1SqntLfKl6Q0Luemc3aIboezSJElofUrqipF5g78=",
|
||||
"lastModified": 1763265660,
|
||||
"narHash": "sha256-Ad9Rd3ZAidrH01xP73S3CjPiyXo7ywZs3uCESjPwUdc=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nix-index-database",
|
||||
"rev": "0ca69684091aa3a6b1fe994c4afeff305b15e915",
|
||||
"rev": "469ef53571ea80890c9497952787920c79c1ee6e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -1588,18 +1507,18 @@
|
|||
},
|
||||
"nix-minecraft": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_7",
|
||||
"flake-compat": "flake-compat_6",
|
||||
"flake-utils": "flake-utils_5",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1760147325,
|
||||
"narHash": "sha256-mBHP1GhvuRE/n8ZXh1lfh+Tn+5oOwB2zCuoPs2mM7IQ=",
|
||||
"lastModified": 1763690461,
|
||||
"narHash": "sha256-q3tHxrMu5BjSG8pE53dOevl4JmyhR73sICy/kJ0fYNk=",
|
||||
"owner": "Infinidoge",
|
||||
"repo": "nix-minecraft",
|
||||
"rev": "701fd12530b71a059e7a130fb58b28cb15c38bfb",
|
||||
"rev": "106ec777ce9fb7e98c9d68d717c91d5d59ce497b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -1614,11 +1533,11 @@
|
|||
"nixpkgs": "nixpkgs_5"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1758135610,
|
||||
"narHash": "sha256-z7Mt//II4pvOJ4hzbgNRErk/MpXzgkGQm7VimXDG/H8=",
|
||||
"lastModified": 1760307084,
|
||||
"narHash": "sha256-fhXbkH1iqLugr5zkuSgxUYziq5Q4f+QnV5eSag9La8g=",
|
||||
"owner": "3timeslazy",
|
||||
"repo": "nix-search-tv",
|
||||
"rev": "5bcc012b9f6ae069c984e994f85eb7976b4d58a3",
|
||||
"rev": "7499132c98e044e36bc73254d4179cff0d9d7768",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -1654,14 +1573,14 @@
|
|||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"treefmt-nix": "treefmt-nix_2"
|
||||
"treefmt-nix": "treefmt-nix"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1759830669,
|
||||
"narHash": "sha256-MvFhaBavW6beDnhDBiEBfWFDE1pat5kOgGeOPYE9zyk=",
|
||||
"lastModified": 1761572354,
|
||||
"narHash": "sha256-3aXsnYf/wXad8DRLTSTOlulS+65qp93eMo5R7pmaHi4=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nixd",
|
||||
"rev": "62c94242843cbed00ee4c5b2cd6e781b4a9b7854",
|
||||
"rev": "b9229d79b1cd722257c16027ea79d8f033c3aa4e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -1672,11 +1591,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1760038930,
|
||||
"narHash": "sha256-Oncbh0UmHjSlxO7ErQDM3KM0A5/Znfofj2BSzlHLeVw=",
|
||||
"lastModified": 1763421233,
|
||||
"narHash": "sha256-Stk9ZYRkGrnnpyJ4eqt9eQtdFWRRIvMxpNRf4sIegnw=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "0b4defa2584313f3b781240b29d61f6f9f7e0df3",
|
||||
"rev": "89c2b2330e733d6cdb5eae7b899326930c2c0648",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -1732,11 +1651,11 @@
|
|||
},
|
||||
"nixpkgs-stable_3": {
|
||||
"locked": {
|
||||
"lastModified": 1760139962,
|
||||
"narHash": "sha256-4xggC56Rub3WInz5eD7EZWXuLXpNvJiUPahGtMkwtuc=",
|
||||
"lastModified": 1763622513,
|
||||
"narHash": "sha256-1jQnuyu82FpiSxowrF/iFK6Toh9BYprfDqfs4BB+19M=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "7e297ddff44a3cc93673bb38d0374df8d0ad73e4",
|
||||
"rev": "c58bc7f5459328e4afac201c5c4feb7c818d604b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -1777,11 +1696,11 @@
|
|||
},
|
||||
"nixpkgs_4": {
|
||||
"locked": {
|
||||
"lastModified": 1759977445,
|
||||
"narHash": "sha256-LYr4IDfuihCkFAkSYz5//gT2r1ewcWBYgd5AxPzPLIo=",
|
||||
"lastModified": 1763618868,
|
||||
"narHash": "sha256-v5afmLjn/uyD9EQuPBn7nZuaZVV9r+JerayK/4wvdWA=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "2dad7af78a183b6c486702c18af8a9544f298377",
|
||||
"rev": "a8d610af3f1a5fb71e23e08434d8d61a466fc942",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -1809,27 +1728,27 @@
|
|||
},
|
||||
"nixpkgs_6": {
|
||||
"locked": {
|
||||
"lastModified": 1760103332,
|
||||
"narHash": "sha256-BMsGVfKl4Q80Pr9T1AkCRljO1bpwCmY8rTBVj8XGuhA=",
|
||||
"lastModified": 1763421233,
|
||||
"narHash": "sha256-Stk9ZYRkGrnnpyJ4eqt9eQtdFWRRIvMxpNRf4sIegnw=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "870493f9a8cb0b074ae5b411b2f232015db19a65",
|
||||
"rev": "89c2b2330e733d6cdb5eae7b899326930c2c0648",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixpkgs-unstable",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_7": {
|
||||
"locked": {
|
||||
"lastModified": 1759570798,
|
||||
"narHash": "sha256-kbkzsUKYzKhuvMOuxt/aTwWU2mnrwoY964yN3Y4dE98=",
|
||||
"lastModified": 1763191728,
|
||||
"narHash": "sha256-esRhOS0APE6k40Hs/jjReXg+rx+J5LkWw7cuWFKlwYA=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "0d4f673a88f8405ae14484e6a1ea870e0ba4ca26",
|
||||
"rev": "1d4c88323ac36805d09657d13a5273aea1b34f0c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -1841,11 +1760,11 @@
|
|||
},
|
||||
"nixpkgs_8": {
|
||||
"locked": {
|
||||
"lastModified": 1756288264,
|
||||
"narHash": "sha256-Om8adB1lfkU7D33VpR+/haZ2gI5r3Q+ZbIPzE5sYnwE=",
|
||||
"lastModified": 1762286042,
|
||||
"narHash": "sha256-OD5HsZ+sN7VvNucbrjiCz7CHF5zf9gP51YVJvPwYIH8=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "ddd1826f294a0ee5fdc198ab72c8306a0ea73aa9",
|
||||
"rev": "12c1f0253aa9a54fdf8ec8aecaafada64a111e24",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -1898,7 +1817,7 @@
|
|||
},
|
||||
"nvf": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_8",
|
||||
"flake-compat": "flake-compat_7",
|
||||
"flake-parts": "flake-parts_5",
|
||||
"mnw": "mnw",
|
||||
"nixpkgs": [
|
||||
|
|
@ -1907,11 +1826,11 @@
|
|||
"systems": "systems_9"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1761112426,
|
||||
"narHash": "sha256-fa3fIyXP3xQhsPaZX4WsFwPM9g64EMOucfDEC4o8Nwc=",
|
||||
"lastModified": 1762622004,
|
||||
"narHash": "sha256-NpzzgaoMK8aRHnndHWbYNKLcZN0r1y6icCoJvGoBsoE=",
|
||||
"owner": "NotAShelf",
|
||||
"repo": "nvf",
|
||||
"rev": "9b3e7bcf68ace2f07eb7478c40e45ce79332482b",
|
||||
"rev": "09470524a214ed26633ddc2b6ec0c9bf31a8b909",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -1922,7 +1841,7 @@
|
|||
},
|
||||
"pre-commit-hooks": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_3",
|
||||
"flake-compat": "flake-compat_4",
|
||||
"gitignore": "gitignore",
|
||||
"nixpkgs": [
|
||||
"hyprland",
|
||||
|
|
@ -1978,11 +1897,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1759610621,
|
||||
"narHash": "sha256-P3UPFd95mS/3aNgy40nCXAmyfR2bEEBd+tX6xfkYFb0=",
|
||||
"lastModified": 1763210607,
|
||||
"narHash": "sha256-gyEL9lw8oSbFbZ323vYUpIhcZLzudACEAQyCTkYh1WM=",
|
||||
"ref": "refs/heads/master",
|
||||
"rev": "c5c438f1cd1a76660a8658ef929a3d19e968e2ce",
|
||||
"revCount": 689,
|
||||
"rev": "0a7dcf30eaf438aa1ec72a9017cdb952df03f005",
|
||||
"revCount": 704,
|
||||
"type": "git",
|
||||
"url": "https://git.outfoxxed.me/outfoxxed/quickshell"
|
||||
},
|
||||
|
|
@ -1996,6 +1915,7 @@
|
|||
"actual-budget-api": "actual-budget-api",
|
||||
"actual-budget-server": "actual-budget-server",
|
||||
"attic": "attic",
|
||||
"awww": "awww",
|
||||
"caelestia-shell": "caelestia-shell",
|
||||
"chaotic": "chaotic",
|
||||
"disko": "disko",
|
||||
|
|
@ -2017,9 +1937,9 @@
|
|||
"nixpkgs": "nixpkgs_6",
|
||||
"nixpkgs-stable": "nixpkgs-stable_3",
|
||||
"nvf": "nvf",
|
||||
"rust-overlay": "rust-overlay_4",
|
||||
"sops-nix": "sops-nix",
|
||||
"stylix": "stylix",
|
||||
"swww": "swww",
|
||||
"yazi": "yazi",
|
||||
"zen-browser": "zen-browser"
|
||||
}
|
||||
|
|
@ -2027,16 +1947,16 @@
|
|||
"rust-overlay": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"chaotic",
|
||||
"awww",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1760063676,
|
||||
"narHash": "sha256-s5Fjh43skH2L+avOGioLmEHoYZffDbg3abV5h0gjeew=",
|
||||
"lastModified": 1761964689,
|
||||
"narHash": "sha256-Zo3LQQDz+64EQ9zor/WmeNTFLoZkjmhp0UY3G0D3seE=",
|
||||
"owner": "oxalica",
|
||||
"repo": "rust-overlay",
|
||||
"rev": "897deed0923cc5a1d560c5176abe0d172ec9716d",
|
||||
"rev": "63d22578600f70d293aede6bc737efef60ebd97f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -2046,6 +1966,27 @@
|
|||
}
|
||||
},
|
||||
"rust-overlay_2": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"chaotic",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1763433504,
|
||||
"narHash": "sha256-cVid5UNpk88sPYHkLAA5aZEHOFQXSB/2L1vl18Aq7IM=",
|
||||
"owner": "oxalica",
|
||||
"repo": "rust-overlay",
|
||||
"rev": "42ce16c6d8318a654d53f047c9400b7d902d6e61",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "oxalica",
|
||||
"repo": "rust-overlay",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"rust-overlay_3": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"lanzaboote",
|
||||
|
|
@ -2066,19 +2007,18 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"rust-overlay_3": {
|
||||
"rust-overlay_4": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"swww",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1759199574,
|
||||
"narHash": "sha256-w24RYly3VSVKp98rVfCI1nFYfQ0VoWmShtKPCbXgK6A=",
|
||||
"lastModified": 1763692705,
|
||||
"narHash": "sha256-tCKCyMYU0Vy+ph/xswlNsYXXjnFVweWBV+ew/5FS9tA=",
|
||||
"owner": "oxalica",
|
||||
"repo": "rust-overlay",
|
||||
"rev": "381776b12d0d125edd7c1930c2041a1471e586c0",
|
||||
"rev": "6fbf5d328dce1828d887b8ee7d44a785196a34e7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -2087,7 +2027,7 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"rust-overlay_4": {
|
||||
"rust-overlay_5": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"yazi",
|
||||
|
|
@ -2095,11 +2035,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1756348497,
|
||||
"narHash": "sha256-xJp3VnoYh4kpsaKFO/7SsGbwOz7pI1ZmjbqpXEuR2cw=",
|
||||
"lastModified": 1762396738,
|
||||
"narHash": "sha256-BarSecuxtzp1boERdABLkkoxQTi6s/V33lJwUbWLrLY=",
|
||||
"owner": "oxalica",
|
||||
"repo": "rust-overlay",
|
||||
"rev": "0adf92c70d23fb4f703aea5d3ebb51ac65994f7f",
|
||||
"rev": "c63598992afd54d215d54f2b764adc0484c2b159",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -2113,11 +2053,11 @@
|
|||
"nixpkgs": "nixpkgs_7"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1759635238,
|
||||
"narHash": "sha256-UvzKi02LMFP74csFfwLPAZ0mrE7k6EiYaKecplyX9Qk=",
|
||||
"lastModified": 1763607916,
|
||||
"narHash": "sha256-VefBA1JWRXM929mBAFohFUtQJLUnEwZ2vmYUNkFnSjE=",
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"rev": "6e5a38e08a2c31ae687504196a230ae00ea95133",
|
||||
"rev": "877bb495a6f8faf0d89fc10bd142c4b7ed2bcc0b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -2163,11 +2103,11 @@
|
|||
"tinted-zed": "tinted-zed"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1759690047,
|
||||
"narHash": "sha256-Vlpa0d1xOgPO9waHwxJNi6LcD2PYqB3EjwLRtSxXlHc=",
|
||||
"lastModified": 1763695782,
|
||||
"narHash": "sha256-XNc65mYmCzadkYlsahfvrhqRfIvQlX94PzTEjmO1yYo=",
|
||||
"owner": "nix-community",
|
||||
"repo": "stylix",
|
||||
"rev": "09022804b2bcd217f3a41a644d26b23d30375d12",
|
||||
"rev": "57e963fd7901ddce320bbb8fdd910113e4a1fd31",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -2176,28 +2116,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"swww": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_9",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"rust-overlay": "rust-overlay_3"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1759428786,
|
||||
"narHash": "sha256-vn3/hpRTI330+yJOoow7wBWMUk2LbnYgyR0v4/LX08o=",
|
||||
"owner": "LGFae",
|
||||
"repo": "swww",
|
||||
"rev": "b9aaba38c79e9915c62328861def7353f53dcdbd",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "LGFae",
|
||||
"repo": "swww",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
|
|
@ -2445,27 +2363,6 @@
|
|||
}
|
||||
},
|
||||
"treefmt-nix": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"neovim-nightly-overlay",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1760120816,
|
||||
"narHash": "sha256-gq9rdocpmRZCwLS5vsHozwB6b5nrOBDNc2kkEaTXHfg=",
|
||||
"owner": "numtide",
|
||||
"repo": "treefmt-nix",
|
||||
"rev": "761ae7aff00907b607125b2f57338b74177697ed",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "treefmt-nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"treefmt-nix_2": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixd",
|
||||
|
|
@ -2531,14 +2428,14 @@
|
|||
"inputs": {
|
||||
"flake-utils": "flake-utils_7",
|
||||
"nixpkgs": "nixpkgs_8",
|
||||
"rust-overlay": "rust-overlay_4"
|
||||
"rust-overlay": "rust-overlay_5"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1759765472,
|
||||
"narHash": "sha256-YYfXBsw57fH6s/hXR24rv8/nr35oQl1CBH7p4WcK8RA=",
|
||||
"lastModified": 1763600401,
|
||||
"narHash": "sha256-druDd9HC3UxZSzCY+qaFp9QDCGfzrhv+Zrytia6lJUE=",
|
||||
"owner": "sxyazi",
|
||||
"repo": "yazi",
|
||||
"rev": "554cb52cc581df9a41e0778ebd448925cd3aca55",
|
||||
"rev": "a08b345a02c6b4c65239a0522f67e77a0132e88b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -2552,11 +2449,11 @@
|
|||
"nixpkgs": "nixpkgs_9"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1759642033,
|
||||
"narHash": "sha256-irUhy22si6jwWSj2AYkOOuf949P4PFMihVUvU1qt1Jo=",
|
||||
"lastModified": 1763775611,
|
||||
"narHash": "sha256-AmgDr9n3JAUwwG3b28oArHaDv5pDMos53D1uZFDl8os=",
|
||||
"owner": "dachxy",
|
||||
"repo": "zen-browser-flake",
|
||||
"rev": "7978da3c80968b1b61c97a3f3858640a8583bfb9",
|
||||
"rev": "bff2ec6219c2574fa9818b709a0b1e68eef42a6d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -2581,11 +2478,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1759192380,
|
||||
"narHash": "sha256-0BWJgt4OSzxCESij5oo8WLWrPZ+1qLp8KUQe32QeV4Q=",
|
||||
"lastModified": 1760401936,
|
||||
"narHash": "sha256-/zj5GYO5PKhBWGzbHbqT+ehY8EghuABdQ2WGfCwZpCQ=",
|
||||
"owner": "mitchellh",
|
||||
"repo": "zig-overlay",
|
||||
"rev": "0bcd1401ed43d10f10cbded49624206553e92f57",
|
||||
"rev": "365085b6652259753b598d43b723858184980bbe",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
|||
13
flake.nix
13
flake.nix
|
|
@ -7,7 +7,7 @@
|
|||
};
|
||||
|
||||
nixpkgs = {
|
||||
url = "github:nixos/nixpkgs/nixpkgs-unstable";
|
||||
url = "github:nixos/nixpkgs/nixos-unstable";
|
||||
};
|
||||
|
||||
home-manager = {
|
||||
|
|
@ -15,6 +15,11 @@
|
|||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
rust-overlay = {
|
||||
url = "github:oxalica/rust-overlay";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
nix-index-database = {
|
||||
url = "github:nix-community/nix-index-database";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
|
@ -69,8 +74,8 @@
|
|||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
swww = {
|
||||
url = "github:LGFae/swww";
|
||||
awww = {
|
||||
url = "git+https://codeberg.org/LGFae/awww";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
|
|
@ -186,7 +191,6 @@
|
|||
in
|
||||
nixpkgs.lib.nixosSystem {
|
||||
specialArgs = {
|
||||
inherit (conf) system;
|
||||
inherit
|
||||
helper
|
||||
inputs
|
||||
|
|
@ -203,6 +207,7 @@
|
|||
inputs.mail-server.overlay
|
||||
inputs.nix-minecraft.overlay
|
||||
inputs.nix-tmodloader.overlay
|
||||
inputs.rust-overlay.overlays.default
|
||||
]
|
||||
++ (import ./pkgs/overlays);
|
||||
}
|
||||
|
|
|
|||
Binary file not shown.
|
Before Width: | Height: | Size: 116 KiB After Width: | Height: | Size: 1.3 MiB |
5
home/options/default.nix
Normal file
5
home/options/default.nix
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
{
|
||||
imports = [
|
||||
./ntfy-client.nix
|
||||
];
|
||||
}
|
||||
81
home/options/ntfy-client.nix
Normal file
81
home/options/ntfy-client.nix
Normal file
|
|
@ -0,0 +1,81 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
let
|
||||
inherit (lib)
|
||||
literalExpression
|
||||
mkEnableOption
|
||||
mkPackageOption
|
||||
mkOption
|
||||
types
|
||||
mkIf
|
||||
getExe'
|
||||
;
|
||||
|
||||
cfg = config.services.ntfy-client;
|
||||
in
|
||||
{
|
||||
options.services.ntfy-client = {
|
||||
enable = mkEnableOption "enable ntfy client subscription";
|
||||
package = mkPackageOption pkgs "ntfy-sh" { };
|
||||
extraArgs = mkOption {
|
||||
type = with types; listOf str;
|
||||
default = [ ];
|
||||
};
|
||||
settings = mkOption {
|
||||
type = with types; attrs;
|
||||
description = "The settings for `client.yml`";
|
||||
default = { };
|
||||
example = literalExpression ''
|
||||
{
|
||||
default-host = "https://ntfy.sh";
|
||||
subscribe = [
|
||||
{
|
||||
topic = "common";
|
||||
command = ''\''notify-send "$m"''\'';
|
||||
token = "$TOKEN";
|
||||
}
|
||||
];
|
||||
}
|
||||
'';
|
||||
};
|
||||
|
||||
environmentFile = mkOption {
|
||||
type = with types; path;
|
||||
default = null;
|
||||
description = "environmentFile contains secrets";
|
||||
example = ''
|
||||
/var/run/secrets
|
||||
|
||||
content:
|
||||
|
||||
NTFY_USER="username:password"
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable (
|
||||
let
|
||||
configFile = (pkgs.formats.yaml { }).generate "ntfy-client.yml" cfg.settings;
|
||||
in
|
||||
{
|
||||
systemd.user.services.ntfy-client = {
|
||||
Unit.X-Restart-Triggers = [ config.xdg.configFile."ntfy/client.yml".source ];
|
||||
Install = {
|
||||
WantedBy = [ "graphical-session.target" ];
|
||||
};
|
||||
Service = {
|
||||
ExecStart = "${getExe' cfg.package "ntfy"} subscribe --from-config ${toString cfg.extraArgs}";
|
||||
EnvironmentFile = [
|
||||
cfg.environmentFile
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
xdg.configFile."ntfy/client.yml".source = configFile;
|
||||
}
|
||||
);
|
||||
}
|
||||
|
|
@ -1,6 +1,7 @@
|
|||
{ ... }:
|
||||
{
|
||||
imports = [
|
||||
../options
|
||||
../user/internationalisation.nix
|
||||
../user/config.nix
|
||||
../user/direnv.nix
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@ let
|
|||
curl -sL "$url" -o "$filepath"
|
||||
fi
|
||||
|
||||
${config.services.swww.package}/bin/swww img "$filepath" \
|
||||
${config.services.swww.package}/bin/awww img "$filepath" \
|
||||
--transition-fps 45 \
|
||||
--transition-duration 1 \
|
||||
--transition-type random
|
||||
|
|
|
|||
15
home/scripts/ntfy.nix
Normal file
15
home/scripts/ntfy.nix
Normal file
|
|
@ -0,0 +1,15 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
}:
|
||||
let
|
||||
inherit (lib) getExe';
|
||||
in
|
||||
pkgs.writeShellScriptBin "ntfy" ''
|
||||
set -o allexport
|
||||
source "${config.sops.secrets."ntfy".path}"
|
||||
set +o allexport
|
||||
|
||||
${getExe' pkgs.ntfy-sh "ntfy"} "$@"
|
||||
''
|
||||
|
|
@ -1,4 +1,17 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
osConfig,
|
||||
config,
|
||||
pkgs,
|
||||
}:
|
||||
let
|
||||
inherit (osConfig.networking) hostName;
|
||||
shouldNotify =
|
||||
(builtins.hasAttr "ntfy-client" config.services) && config.services.ntfy-client.enable;
|
||||
rebuildCommand = ''
|
||||
nixos-rebuild switch --target-host "$TARGET" \
|
||||
--build-host "$BUILD" \
|
||||
--sudo --ask-sudo-password $@'';
|
||||
in
|
||||
pkgs.writeShellScriptBin "rRebuild" ''
|
||||
TARGET=$1
|
||||
BUILD=$2
|
||||
|
|
@ -6,5 +19,20 @@ pkgs.writeShellScriptBin "rRebuild" ''
|
|||
shift
|
||||
shift
|
||||
|
||||
nixos-rebuild switch --target-host "$TARGET" --build-host "$BUILD" --sudo --ask-sudo-password $@
|
||||
${
|
||||
if shouldNotify then
|
||||
''
|
||||
export NTFY_TITLE="🎯 $TARGET built by 🏗️ ''\${BUILD:-${hostName}}"
|
||||
export NTFY_TAGS="gear"
|
||||
|
||||
if ${rebuildCommand}
|
||||
then
|
||||
ntfy pub system-build "✅ Build success" > /dev/null 2>&1
|
||||
else
|
||||
ntfy pub system-build "⛔ Build failed" > /dev/null 2>&1
|
||||
fi
|
||||
''
|
||||
else
|
||||
rebuildCommand
|
||||
}
|
||||
''
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@ in
|
|||
recursive = true;
|
||||
source = "${configDir}/gh";
|
||||
};
|
||||
".face".source = "${configDir}/.face";
|
||||
};
|
||||
|
||||
xdg.mimeApps = {
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@
|
|||
XDG_CACHE_HOME = "\${HOME}/.cache";
|
||||
XDG_CONFIG_HOME = "\${HOME}/.config";
|
||||
XDG_DATA_HOME = "\${HOME}/.local/share";
|
||||
XDG_DATA_DIRS = "\${XDG_DATA_DIRS}:/usr/share:/var/lib/flatpak/exports/share:\${HOME}/.local/share/flatpak/exports/share";
|
||||
XDG_DATA_DIRS = "\${XDG_DATA_DIRS}:/usr/share";
|
||||
|
||||
WLR_RENDERER = "vulkan";
|
||||
|
||||
|
|
|
|||
|
|
@ -6,9 +6,9 @@
|
|||
{
|
||||
programs.git = {
|
||||
enable = true;
|
||||
userName = username;
|
||||
userEmail = email;
|
||||
extraConfig = {
|
||||
settings = {
|
||||
user.name = username;
|
||||
user.email = email;
|
||||
safe.directory = [ "/etc/nixos" ];
|
||||
init.defaultBranch = "main";
|
||||
pull.rebase = true;
|
||||
|
|
|
|||
|
|
@ -2,7 +2,6 @@
|
|||
{
|
||||
osConfig,
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
|
|
@ -18,6 +17,7 @@ let
|
|||
browser = "${prefix}${browser-bin}";
|
||||
terminal = "${prefix}ghostty";
|
||||
filemanager = "${terminal} -e yazi";
|
||||
mailClient = "${prefix}thunderbird";
|
||||
|
||||
screenshotFolder = "--output-folder ~/Pictures/Screenshots";
|
||||
clipboardOnly = "${screenshotFolder}";
|
||||
|
|
@ -49,7 +49,8 @@ in
|
|||
''CTRL ALT, T, exec, ${terminal}''
|
||||
''${mainMod}, Q, killactive, ''
|
||||
|
||||
''${mainMod}, M, exec, ${toggleWlogout}''
|
||||
''${mainMod} SHIFT, M, exec, ${toggleWlogout}''
|
||||
''${mainMod}, M, exec, ${mailClient}''
|
||||
''${mainMod}, E, exec, ${filemanager}''
|
||||
''${mainMod}, V, togglefloating, ''
|
||||
''ALT, SPACE, exec, rofi -config ~/.config/rofi/apps.rasi -show drun''
|
||||
|
|
|
|||
|
|
@ -3,11 +3,12 @@
|
|||
lib,
|
||||
inputs,
|
||||
config,
|
||||
system,
|
||||
osConfig,
|
||||
...
|
||||
}:
|
||||
let
|
||||
inherit (lib) mkForce escapeShellArgs getExe';
|
||||
inherit (pkgs.stdenv.hostPlatform) system;
|
||||
inherit (osConfig.systemConf) username;
|
||||
inherit (osConfig.systemConf.hyprland) monitors;
|
||||
terminal = "ghostty";
|
||||
|
|
@ -64,7 +65,6 @@ in
|
|||
plugins = (
|
||||
with inputs.hyprland-plugins.packages.${system};
|
||||
[
|
||||
xtra-dispatchers
|
||||
hyprwinwrap
|
||||
]
|
||||
);
|
||||
|
|
@ -138,12 +138,15 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
# === Swww === #
|
||||
# === Awww === #
|
||||
services.swww = {
|
||||
enable = true;
|
||||
package = inputs.swww.packages.${system}.swww;
|
||||
package = inputs.awww.packages.${system}.awww;
|
||||
};
|
||||
|
||||
systemd.user.services.swww.Service.ExecStart =
|
||||
mkForce "${getExe' config.services.swww.package "awww-daemon"} ${escapeShellArgs config.services.swww.extraArgs}";
|
||||
|
||||
# === hyprlock === #
|
||||
programs.hyprlock = {
|
||||
enable = true;
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ let
|
|||
addons = with pkgs; [
|
||||
fcitx5-gtk
|
||||
fcitx5-mozc # Japanese
|
||||
fcitx5-chinese-addons
|
||||
qt6Packages.fcitx5-chinese-addons
|
||||
fcitx5-rime # Bopomofo
|
||||
rime-data
|
||||
];
|
||||
|
|
|
|||
|
|
@ -28,16 +28,25 @@ in
|
|||
imports = [
|
||||
./plugins/snacks-nvim
|
||||
./plugins/lualine
|
||||
./plugins/leetcode
|
||||
./extra-lsp.nix
|
||||
];
|
||||
|
||||
home.packages = with pkgs; [
|
||||
(rust-bin.stable.latest.default.override {
|
||||
extensions = [ "rust-src" ];
|
||||
})
|
||||
];
|
||||
|
||||
programs.nvf = {
|
||||
enable = true;
|
||||
settings = {
|
||||
vim = {
|
||||
enableLuaLoader = true;
|
||||
vimAlias = true;
|
||||
extraPackages = with pkgs; [ nixfmt ];
|
||||
extraPackages = with pkgs; [
|
||||
nixfmt
|
||||
];
|
||||
|
||||
clipboard = {
|
||||
enable = true;
|
||||
|
|
@ -380,12 +389,9 @@ in
|
|||
enable = true;
|
||||
lsp = {
|
||||
enable = true;
|
||||
package = [
|
||||
"rust-analyzer"
|
||||
];
|
||||
opts = ''
|
||||
['rust-analyzer'] = {
|
||||
cargo = {allFeature = true},
|
||||
cargo = { allFeature = true },
|
||||
checkOnSave = true,
|
||||
procMacro = {
|
||||
enable = true,
|
||||
|
|
@ -528,7 +534,8 @@ in
|
|||
|
||||
yazi-nvim = {
|
||||
enable = true;
|
||||
mappings.openYaziDir = "<leader>e";
|
||||
mappings.openYaziDir = "<leader>-";
|
||||
mappings.openYazi = "<leader>e";
|
||||
};
|
||||
|
||||
images = {
|
||||
|
|
|
|||
72
home/user/nvf/plugins/leetcode/default.nix
Normal file
72
home/user/nvf/plugins/leetcode/default.nix
Normal file
|
|
@ -0,0 +1,72 @@
|
|||
{
|
||||
lib,
|
||||
config,
|
||||
osConfig,
|
||||
...
|
||||
}:
|
||||
let
|
||||
inherit (lib.generators) mkLuaInline;
|
||||
inherit (osConfig.systemConf) username;
|
||||
relativeDir = "projects/leetcode";
|
||||
dataDir = "${config.home.homeDirectory}/${relativeDir}";
|
||||
in
|
||||
{
|
||||
programs.nvf.settings.vim.utility.leetcode-nvim = {
|
||||
enable = true;
|
||||
setupOpts = {
|
||||
image_support = true;
|
||||
lang = "rust";
|
||||
plugins.non_standalone = true;
|
||||
storage.home = mkLuaInline ''"${dataDir}"'';
|
||||
injector = mkLuaInline ''
|
||||
{
|
||||
['rust'] = {
|
||||
before = { '#[allow(dead_code)]', 'fn main() {}', '#[allow(dead_code)]', 'struct Solution;' },
|
||||
}
|
||||
}
|
||||
'';
|
||||
hooks."question_enter" = [
|
||||
(mkLuaInline
|
||||
# lua
|
||||
''
|
||||
function (question)
|
||||
if question.lang ~= 'rust' then
|
||||
return
|
||||
end
|
||||
|
||||
local config = require("leetcode.config")
|
||||
local problem_dir = config.user.storage.home .. "/Cargo.toml"
|
||||
local content = [[
|
||||
[package]
|
||||
name = "leetcode"
|
||||
edition = "2024"
|
||||
|
||||
[lib]
|
||||
name = "%s"
|
||||
path = "%s"
|
||||
|
||||
[dependencies]
|
||||
rand = "0.8"
|
||||
regex = "1"
|
||||
itertools = "0.14.0"
|
||||
]]
|
||||
|
||||
local file = io.open(problem_dir, "w")
|
||||
if file then
|
||||
local formatted = (content:gsub(" +", "")):format(question.q.frontend_id, question:path())
|
||||
file:write(formatted)
|
||||
file:close()
|
||||
else
|
||||
print("Failed to open file " .. problem_dir)
|
||||
end
|
||||
end
|
||||
''
|
||||
)
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
systemd.user.tmpfiles.rules = [
|
||||
"d ${dataDir} 0744 ${username} users -"
|
||||
];
|
||||
}
|
||||
|
|
@ -1,12 +1,10 @@
|
|||
{
|
||||
pkgs,
|
||||
lib,
|
||||
inputs,
|
||||
system,
|
||||
osConfig,
|
||||
...
|
||||
}:
|
||||
let
|
||||
inherit (pkgs.stdenv.hostPlatform) system;
|
||||
md2html = pkgs.callPackage ../scripts/md2html.nix { };
|
||||
ghosttyShaders = pkgs.fetchFromGitHub {
|
||||
owner = "sahaj-b";
|
||||
|
|
@ -60,61 +58,46 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
home.packages =
|
||||
with pkgs;
|
||||
[
|
||||
obsidian
|
||||
home.packages = with pkgs; [
|
||||
obsidian
|
||||
|
||||
# Discord
|
||||
# vesktop
|
||||
discord
|
||||
# Discord
|
||||
# vesktop
|
||||
discord
|
||||
|
||||
# Dev stuff
|
||||
(python3.withPackages (python-pkgs: [
|
||||
python-pkgs.pip
|
||||
python-pkgs.requests
|
||||
]))
|
||||
# Dev stuff
|
||||
(python3.withPackages (python-pkgs: [
|
||||
python-pkgs.pip
|
||||
python-pkgs.requests
|
||||
]))
|
||||
|
||||
# Work stuff
|
||||
libreoffice-qt
|
||||
pandoc
|
||||
# Work stuff
|
||||
libreoffice-qt
|
||||
pandoc
|
||||
|
||||
# Bluetooth
|
||||
blueberry
|
||||
# Bluetooth
|
||||
blueberry
|
||||
|
||||
# Downloads
|
||||
qbittorrent
|
||||
# Downloads
|
||||
qbittorrent
|
||||
|
||||
# Utils
|
||||
cava
|
||||
papirus-folders
|
||||
inkscape
|
||||
# Utils
|
||||
cava
|
||||
papirus-folders
|
||||
inkscape
|
||||
|
||||
# PDF Preview
|
||||
poppler
|
||||
trash-cli
|
||||
# PDF Preview
|
||||
poppler
|
||||
trash-cli
|
||||
|
||||
# File Manager
|
||||
nemo
|
||||
# File Manager
|
||||
nemo
|
||||
|
||||
# Thumbnail
|
||||
ffmpegthumbnailer
|
||||
thunderbird
|
||||
|
||||
thunderbird
|
||||
# Thumbnail
|
||||
ffmpegthumbnailer
|
||||
|
||||
md2html
|
||||
]
|
||||
++ (
|
||||
if osConfig.programs.steam.enable then
|
||||
[
|
||||
steam-run
|
||||
protonup
|
||||
]
|
||||
else
|
||||
[ ]
|
||||
);
|
||||
|
||||
home.sessionVariables = lib.mkIf osConfig.programs.steam.enable {
|
||||
STEAM_EXTRA_COMPAT_TOOLS_PATHS = "\${HOME}/.steam/root/compatibilitytools.d";
|
||||
};
|
||||
md2html
|
||||
];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,9 +1,17 @@
|
|||
{ osConfig, pkgs, ... }:
|
||||
{
|
||||
osConfig,
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
let
|
||||
shellAlias = import ./shellAlias.nix { hostname = osConfig.networking.hostName; };
|
||||
remoteRebuld = pkgs.callPackage ../scripts/remoteRebuild.nix { };
|
||||
remoteRebuld = import ../scripts/remoteRebuild.nix { inherit osConfig config pkgs; };
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
./shellAlias.nix
|
||||
];
|
||||
|
||||
home.packages = with pkgs; [
|
||||
# Shell
|
||||
grc
|
||||
|
|
@ -34,7 +42,6 @@ in
|
|||
src = pkgs.fishPlugins.hydro.src;
|
||||
}
|
||||
];
|
||||
shellAliases = shellAlias;
|
||||
};
|
||||
|
||||
bash = {
|
||||
|
|
|
|||
|
|
@ -1,27 +1,68 @@
|
|||
{ hostname }:
|
||||
{
|
||||
ls = "exa --icons";
|
||||
lp = "exa"; # Pure output
|
||||
cat = "bat";
|
||||
g = "git";
|
||||
t = "tmux";
|
||||
osConfig,
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
let
|
||||
hostname = osConfig.networking.hostName;
|
||||
|
||||
# Nixos
|
||||
rebuild = "sudo nixos-rebuild switch --flake /etc/nixos#${hostname}";
|
||||
fullClean = "sudo nix store gc && sudo nix-collect-garbage -d && sudo /run/current-system/bin/switch-to-configuration boot";
|
||||
shouldNotify =
|
||||
(builtins.hasAttr "ntfy-client" config.services) && config.services.ntfy-client.enable;
|
||||
|
||||
# Hyprland
|
||||
hyprlog = "grep -v \"arranged\" $XDG_RUNTIME_DIR/hypr/$HYPRLAND_INSTANCE_SIGNATURE/hyprland.log | cat";
|
||||
rebuildCommand = ''
|
||||
sudo nixos-rebuild switch --target-host "$TARGET" \
|
||||
--build-host "$BUILD" \
|
||||
--sudo --ask-sudo-password $@'';
|
||||
|
||||
# Systemd Boot
|
||||
setWin = "sudo bootctl set-oneshot auto-windows";
|
||||
goWin = "sudo bootctl set-oneshot auto-windows && reboot";
|
||||
goBios = "sudo bootctl set-oneshot auto-reboot-to-firmware-setup && reboot";
|
||||
rebuild = pkgs.writeShellScriptBin "rebuild" ''
|
||||
${
|
||||
if shouldNotify then
|
||||
''
|
||||
export NTFY_TITLE="🎯 ${hostname}"
|
||||
export NTFY_TAGS="gear"
|
||||
|
||||
# TTY
|
||||
hideTTY = ''sudo sh -c "echo 0 > /sys/class/graphics/fb0/blank"'';
|
||||
showTTY = ''sudo sh -c "echo 1 > /sys/class/graphics/fb0/blank"'';
|
||||
if ${rebuildCommand}
|
||||
then
|
||||
ntfy pub system-build "✅ Build success" > /dev/null 2>&1
|
||||
else
|
||||
ntfy pub system-build "⛔ Build failed" > /dev/null 2>&1
|
||||
fi
|
||||
''
|
||||
else
|
||||
rebuildCommand
|
||||
}
|
||||
'';
|
||||
in
|
||||
{
|
||||
home.packages = [
|
||||
rebuild
|
||||
];
|
||||
|
||||
# Recover from hyprlock corruption
|
||||
letMeIn = ''hyprctl --instance 0 "keyword misc:allow_session_lock_restore 1" && hyprctl --instance 0 dispatch "exec hyprlock"'';
|
||||
programs.fish.shellAliases = {
|
||||
ls = "exa --icons";
|
||||
lp = "exa"; # Pure output
|
||||
cat = "bat";
|
||||
g = "git";
|
||||
t = "tmux";
|
||||
podt = "podman-tui";
|
||||
|
||||
# Nixos
|
||||
fullClean = "sudo nix store gc && sudo nix-collect-garbage -d && sudo /run/current-system/bin/switch-to-configuration boot";
|
||||
|
||||
# Hyprland
|
||||
hyprlog = "grep -v \"arranged\" $XDG_RUNTIME_DIR/hypr/$HYPRLAND_INSTANCE_SIGNATURE/hyprland.log | cat";
|
||||
|
||||
# Systemd Boot
|
||||
setWin = "sudo bootctl set-oneshot auto-windows";
|
||||
goWin = "sudo bootctl set-oneshot auto-windows && reboot";
|
||||
goBios = "sudo bootctl set-oneshot auto-reboot-to-firmware-setup && reboot";
|
||||
|
||||
# TTY
|
||||
hideTTY = ''sudo sh -c "echo 0 > /sys/class/graphics/fb0/blank"'';
|
||||
showTTY = ''sudo sh -c "echo 1 > /sys/class/graphics/fb0/blank"'';
|
||||
|
||||
# Recover from hyprlock corruption
|
||||
letMeIn = ''hyprctl --instance 0 "keyword misc:allow_session_lock_restore 1" && hyprctl --instance 0 dispatch "exec hyprlock"'';
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,7 +4,6 @@
|
|||
{
|
||||
osConfig,
|
||||
config,
|
||||
username,
|
||||
lib,
|
||||
pkgs,
|
||||
helper,
|
||||
|
|
@ -72,7 +71,7 @@ let
|
|||
exit 1
|
||||
fi
|
||||
|
||||
${config.services.swww.package}/bin/swww img "$selected" --transition-fps 45 --transition-duration 1 --transition-type random
|
||||
${config.services.swww.package}/bin/awww img "$selected" --transition-fps 45 --transition-duration 1 --transition-type random
|
||||
'';
|
||||
|
||||
rbwSelector = import ../scripts/rbwSelector.nix { inherit pkgs; };
|
||||
|
|
@ -84,11 +83,6 @@ in
|
|||
mkWall
|
||||
];
|
||||
|
||||
# For wallpapers
|
||||
systemd.user.tmpfiles.rules = [
|
||||
"d /tmp/wall_cache 700 ${username} -"
|
||||
];
|
||||
|
||||
# === gamemoded -r === #
|
||||
systemd.user.services.gamemodedr = lib.mkIf osConfig.programs.gamemode.enable {
|
||||
Service = {
|
||||
|
|
|
|||
|
|
@ -1,11 +1,12 @@
|
|||
{
|
||||
inputs,
|
||||
system,
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
let
|
||||
inherit (pkgs.stdenv.hostPlatform) system;
|
||||
yaziPlugins = pkgs.fetchFromGitHub {
|
||||
owner = "yazi-rs";
|
||||
repo = "plugins";
|
||||
|
|
@ -63,7 +64,7 @@ in
|
|||
opener = {
|
||||
set-wallpaper = [
|
||||
{
|
||||
run = ''${pkgs.swww}/bin/swww img "$1" --transition-fps 45 --transition-duration 1 --transition-type random'';
|
||||
run = ''${config.services.swww.package}/bin/awww img "$1" --transition-fps 45 --transition-duration 1 --transition-type random'';
|
||||
for = "linux";
|
||||
desc = "Set as wallpaper";
|
||||
}
|
||||
|
|
@ -111,7 +112,7 @@ in
|
|||
"g"
|
||||
"w"
|
||||
];
|
||||
run = ''shell -- ${pkgs.swww}/bin/swww img "$1" --transition-fps 45 --transition-duration 1 --transition-type random'';
|
||||
run = ''shell -- ${config.services.swww.package}/bin/awww img "$1" --transition-fps 45 --transition-duration 1 --transition-type random'';
|
||||
desc = "Set as wallpaper";
|
||||
}
|
||||
# Git Changes
|
||||
|
|
@ -178,9 +179,7 @@ in
|
|||
"c"
|
||||
"D"
|
||||
];
|
||||
run = ''
|
||||
shell '${pkgs.ripdrag.out}/bin/ripdrag "$@" -x 2>/dev/null &' --confirm
|
||||
'';
|
||||
run = ''shell 'ripdrag "$0" "$@" -x 2>/dev/null &' --confirm'';
|
||||
desc = "Drag the file";
|
||||
}
|
||||
# Start terminal
|
||||
|
|
@ -214,7 +213,7 @@ in
|
|||
{
|
||||
on = [
|
||||
"F" # file
|
||||
"m" # markdown
|
||||
"M" # markdown
|
||||
"H" # html
|
||||
];
|
||||
for = "unix";
|
||||
|
|
@ -251,5 +250,6 @@ in
|
|||
home.packages = with pkgs; [
|
||||
ueberzugpp
|
||||
pdfNormalize
|
||||
ripdrag
|
||||
];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,5 @@
|
|||
{
|
||||
inputs,
|
||||
system,
|
||||
config,
|
||||
pkgs,
|
||||
helper,
|
||||
|
|
@ -8,6 +7,7 @@
|
|||
...
|
||||
}:
|
||||
let
|
||||
inherit (pkgs.stdenv.hostPlatform) system;
|
||||
inherit (lib)
|
||||
mkOption
|
||||
mkEnableOption
|
||||
|
|
@ -63,6 +63,12 @@ in
|
|||
description = "Hostname for system";
|
||||
};
|
||||
|
||||
face = mkOption {
|
||||
type = with types; nullOr path;
|
||||
description = "User avatar";
|
||||
default = null;
|
||||
};
|
||||
|
||||
domain = mkOption {
|
||||
type = types.str;
|
||||
default = "local";
|
||||
|
|
@ -140,6 +146,7 @@ in
|
|||
imports = [
|
||||
inputs.hyprland.homeManagerModules.default
|
||||
inputs.caelestia-shell.homeManagerModules.default
|
||||
inputs.sops-nix.homeManagerModules.default
|
||||
inputs.zen-browser.homeManagerModules.${system}.default
|
||||
inputs.nvf.homeManagerModules.default
|
||||
{
|
||||
|
|
@ -148,6 +155,10 @@ in
|
|||
stateVersion = stateVersion;
|
||||
};
|
||||
programs.home-manager.enable = true;
|
||||
|
||||
home.file.".face" = mkIf (cfg.face != null) {
|
||||
source = cfg.face;
|
||||
};
|
||||
}
|
||||
]
|
||||
++ (optionals cfg.hyprland.enable [
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
[
|
||||
(import ./vesktop.nix)
|
||||
(import ./powerdns-admin.nix)
|
||||
(import ./stalwart-mail)
|
||||
# (import ./powerdns-admin.nix)
|
||||
# (import ./stalwart-mail)
|
||||
]
|
||||
|
|
|
|||
|
|
@ -1,35 +0,0 @@
|
|||
diff --git a/lib/Service/DownloadModelsService.php b/lib/Service/DownloadModelsService.php
|
||||
index 64e4223..ac939a3 100755
|
||||
--- a/lib/Service/DownloadModelsService.php
|
||||
+++ b/lib/Service/DownloadModelsService.php
|
||||
@@ -27,7 +27,7 @@ final class DownloadModelsService {
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function download() : void {
|
||||
- $targetPath = __DIR__ . '/../../models';
|
||||
+ $targetPath = "/var/lib/nextcloud/models";
|
||||
if (file_exists($targetPath)) {
|
||||
// remove models directory
|
||||
$it = new RecursiveDirectoryIterator($targetPath, FilesystemIterator::SKIP_DOTS);
|
||||
@@ -44,7 +44,7 @@ final class DownloadModelsService {
|
||||
}
|
||||
|
||||
$archiveUrl = $this->getArchiveUrl($this->getNeededArchiveRef());
|
||||
- $archivePath = __DIR__ . '/../../models.tar.gz';
|
||||
+ $archivePath = "/var/lib/nextcloud/models.tar.gz";
|
||||
$timeout = $this->isCLI ? 0 : 480;
|
||||
$this->clientService->newClient()->get($archiveUrl, ['sink' => $archivePath, 'timeout' => $timeout]);
|
||||
$tarManager = new TAR($archivePath);
|
||||
diff --git a/lib/Settings/AdminSettings.php b/lib/Settings/AdminSettings.php
|
||||
index 83f8a76..ac73d29 100755
|
||||
--- a/lib/Settings/AdminSettings.php
|
||||
+++ b/lib/Settings/AdminSettings.php
|
||||
@@ -28,7 +28,7 @@ final class AdminSettings implements ISettings {
|
||||
$settings = $this->settingsService->getAll();
|
||||
$this->initialState->provideInitialState('settings', $settings);
|
||||
|
||||
- $modelsPath = __DIR__ . '/../../models';
|
||||
+ $modelsPath = "/var/lib/nextcloud/models";
|
||||
$modelsDownloaded = file_exists($modelsPath);
|
||||
$this->initialState->provideInitialState('modelsDownloaded', $modelsDownloaded);
|
||||
|
||||
|
|
@ -8,6 +8,7 @@ in
|
|||
{
|
||||
systemConf = {
|
||||
inherit hostname username;
|
||||
face = ../../../home/config/.face;
|
||||
domain = "net.dn";
|
||||
hyprland = {
|
||||
enable = true;
|
||||
|
|
@ -23,6 +24,8 @@ in
|
|||
|
||||
imports = [
|
||||
../../modules/presets/basic.nix
|
||||
../public/dn
|
||||
../public/dn/ntfy.nix
|
||||
./common
|
||||
./games
|
||||
./home
|
||||
|
|
|
|||
|
|
@ -2,25 +2,25 @@ wireguard:
|
|||
wg0.conf: ENC[AES256_GCM,data:drqs+CkZVZH4K87jWZLy33NuqPeqLkyTp6mDoxcOsEYGaIR38pommv4TSynAOvrUC3dCw9O+qLHEiSwlJGoZOQKFzHxUefKrCtkRMCE3ytDKFmJbLoKT/GPxnOOenIm8JxKX6nsLaqCk36ODXzTA8iU8ICN2zqoCiodjx72Ge2KckQzSak04v28B6viuzfl8zipD1Fetm72sOBTX0I0WwoziDBBL77x1hX/8POob3ISrTejhik18dxAPLB9H3iVl1aOHhszsrAYB26IfujY/FxRqIrn8v+H2aFen3oowRjd/wTPtc/rLZj/7n6/Sl3NDzOE+jIYYG7yym7lkUM9Z,iv:oS01iUSG0ufUzIsfPD/jF3/TPEDDBp+CnnLQnyze8dM=,tag:mtmY3OVz3k7eu5Lxe14KLg==,type:str]
|
||||
sops:
|
||||
age:
|
||||
- recipient: age1z6f643a6vqm7cqh6fna5dhmxfkgwxgqy8kg9s0vf9uxhaswtngtspmqsjw
|
||||
- recipient: age1uvsvf5ljaezh5wze32p685kfentyle0l2mvysc67yvgct2h4850qqph9lv
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkczZGckdvWVdlaFFxQmox
|
||||
eWM5eGtoOHIvbTlEc0RnSVN1REVMSTBXZURrCktDeUxMZUY1cHRtKzRLTDNDUU9E
|
||||
aldkcFZ2a0ZzUXdOSjZWeHVPZ1FJY1UKLS0tIGZZTlk4OWtZcERXME5YNk96cmc5
|
||||
M3RPbkRxSFRXeEU5MFZxLzl4clpabDAKiCaiEKZwaCUGi6DRtzb786c8qB+EiiCn
|
||||
YHrCvm5F72vAmDAozqtTjZM1Dt4yQDxPNMWKFyUzxY0TDpboGrgBHA==
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqeGx5aDZOeVBDSWpjUlV4
|
||||
WEZuK3JBQnVySmQySFd4dnNKRkdVR01pVVRNClE2WXQveG9aaTZJUHVHaUdoOFht
|
||||
VENZMHF0eHkzb0VTUEN2TW5OYjBxS0UKLS0tIGlOb1VYdHhMMVd5L0RCSEVabzMx
|
||||
Q2wvRjV5SGQwZ3ZRNmYzSW5pdlJNTE0Kyg2/VqHJngn/n+OJbIDSn4fy+KjanN2o
|
||||
AufQbRG46T4kXeOwmtMp+5oRIrxKMibu8bvQpR6DjsHs0xmXhhlFAw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age17rjcght2y5p4ryr76ysnxpy2wff62sml7pyc5udcts48985j05vqpwdfq2
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1SzNGcVFkSS93VnQyUlZw
|
||||
YkM0U1BUTTF4ajY5VU5LOHpYbTBaYnBsUFZnCmx2a0R1VCtkcTUrT2VNMGRRc29H
|
||||
R1hVSHNDSjlwdk1RUXZYdkpFeUFkY1EKLS0tIDdVdU92STZIN0JmK0ZPeldsYlRG
|
||||
eWFnVWcrUVpRVDQveTloWk9LVm4yd28KppalVePvXwPks+2TKHqG8a+uZjpgQo3I
|
||||
edhrdNan56Ly5mLFyXmGlww88nqQMTZq4DODtyfF4+rRlyv0i4AEEg==
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0N3pUMHNWVGxwOWFKVS9a
|
||||
dEYzREFSdkR0bldMSEV0b3dZMnlsQUE1RTNVCllPblJUMG90RlViZ2N1RU1TS2tO
|
||||
UnlHS0IzT3E3bER4eEg4SlQ5QjNZQ1UKLS0tIGhtTTlUZHVrbUZiRHZCbEt1K2w0
|
||||
V09NYXpBYXBtYWdBajJubmVFL2loY0EKJdYKQHPriOT0eouvRUiCyqLSTzugUZxl
|
||||
BFTwfCez1/K2ERKQkKsMfIARbHaI2SRyDxM2O1IJ+DOIJ2383K6Gvw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2025-10-15T08:06:35Z"
|
||||
mac: ENC[AES256_GCM,data:sinK5N+aY4PwsqtHhyAI5a6YU7uhKkh5APrtQorgCYHJ1Q3p3Fit//UOnY86kK/CiXS/OQ6oZZi5XjJOKULThp8X2JSu1iAdBK2Sl11AD1kGyDb69vuYr3PlAFWDdp5mbjMAPACukUpeiIL9jfZWL06WqzGSz73hDHP3T90BZAE=,iv:bcT/JWtuy74/5B/S4vzEgv8Vcnw8aMGNr8f2ON7uJI0=,tag:iA/iW+TFxyW1PWZKtr+Kqw==,type:str]
|
||||
lastmodified: "2025-11-21T12:34:30Z"
|
||||
mac: ENC[AES256_GCM,data:LUqoXWMhmQQgqq1AX7I2v7z58ywstjWzsVTav9iu0RrkCxeB1u5V90E4tcnfjtquLwjiabpLSRpkUXE33DhqcgxLIklX0Cpld5TK1Bsdn8DXyKk1Lhfdf3OL7cn14kb4CqXTNlDyqwM+BBsYmdFQzPjb8IPiD9y+mTO5yHuAta0=,iv:mbHhZdv+0lDI9cNUsI3oatwbItQ6Xfvgm0UMQdu9FKA=,tag:aPFWPwahvMjBojzthZZ6vQ==,type:str]
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.11.0
|
||||
|
|
|
|||
|
|
@ -55,6 +55,9 @@ in
|
|||
|
||||
imports = [
|
||||
../../modules/presets/basic.nix
|
||||
../public/dn
|
||||
../public/dn/ntfy.nix
|
||||
./expr
|
||||
./common
|
||||
./games
|
||||
./home
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
{
|
||||
imports = [
|
||||
./netbird.nix
|
||||
# ./netbird.nix
|
||||
./osx-kvm.nix
|
||||
];
|
||||
}
|
||||
|
|
|
|||
14
system/dev/dn-pre7780/expr/osx-kvm.nix
Normal file
14
system/dev/dn-pre7780/expr/osx-kvm.nix
Normal file
|
|
@ -0,0 +1,14 @@
|
|||
{ config, ... }:
|
||||
let
|
||||
inherit (config.systemConf) username;
|
||||
in
|
||||
{
|
||||
virtualisation.libvirtd.enable = true;
|
||||
users.extraUsers."${username}".extraGroups = [ "libvirtd" ];
|
||||
|
||||
boot.extraModprobeConfig = ''
|
||||
options kvm_intel nested=1
|
||||
options kvm_intel emulate_invalid_guest_state=0
|
||||
options kvm ignore_msrs=1 report_ignored_msrs=0
|
||||
'';
|
||||
}
|
||||
|
|
@ -2,9 +2,10 @@
|
|||
pkgs,
|
||||
lib,
|
||||
inputs,
|
||||
system,
|
||||
}:
|
||||
let
|
||||
inherit (pkgs.stdenv.hostPlatform) system;
|
||||
|
||||
vmList =
|
||||
let
|
||||
kubeMasterIP = "192.168.0.6";
|
||||
|
|
|
|||
|
|
@ -2,11 +2,9 @@
|
|||
pkgs,
|
||||
pkgs-stable,
|
||||
config,
|
||||
inputs,
|
||||
...
|
||||
}:
|
||||
let
|
||||
protonGEVersion = "10-15";
|
||||
# ==== Needed for special import ==== #
|
||||
shadps4-7 = pkgs.shadps4.overrideAttrs (_: rec {
|
||||
version = "0.7.0";
|
||||
|
|
@ -39,20 +37,6 @@ in
|
|||
echo "AUTOEXEC LOADED SUCCESSFULLY!"
|
||||
host_writeconfig
|
||||
'';
|
||||
|
||||
# Proton GE
|
||||
".steam/root/compatibilitytools.d/GE-Proton${protonGEVersion}" = {
|
||||
source = fetchTarball {
|
||||
url = "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton${protonGEVersion}/GE-Proton${protonGEVersion}.tar.gz";
|
||||
sha256 = "sha256:0iv7vak4a42b5m772gqr6wnarswib6dmybfcdjn3snvwxcb6hbsm";
|
||||
};
|
||||
};
|
||||
".steam/root/compatibilitytools.d/CachyOS-Proton10-0_v3" = {
|
||||
source = fetchTarball {
|
||||
url = "https://github.com/CachyOS/proton-cachyos/releases/download/cachyos-10.0-20250714-slr/proton-cachyos-10.0-20250714-slr-x86_64_v3.tar.xz";
|
||||
sha256 = "sha256:0hp22hkfv3f1p75im3xpif0pmixkq2i3hq3dhllzr2r7l1qx16iz";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,4 +1,8 @@
|
|||
{ config, lib, ... }:
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
let
|
||||
inherit (lib) optionalString;
|
||||
inherit (config.systemConf) username;
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@
|
|||
./mail.nix
|
||||
./nginx.nix
|
||||
./wireguard.nix
|
||||
./nextcloud.nix
|
||||
# ./netbird.nix
|
||||
];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,35 +1,42 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
let
|
||||
domain = "daccc.info";
|
||||
fqdn = "mx1.daccc.info";
|
||||
inherit (lib) mkIf;
|
||||
mkCondition = (
|
||||
condition: ithen: ielse: [
|
||||
{
|
||||
"if" = condition;
|
||||
"then" = ithen;
|
||||
}
|
||||
{ "else" = ielse; }
|
||||
]
|
||||
);
|
||||
|
||||
rspamdWebPort = 11333;
|
||||
rspamdPort = 31009;
|
||||
domain = "dnywe.com";
|
||||
fqdn = "mx1.dnywe.com";
|
||||
|
||||
rspamdSecretFile = config.sops.secrets."rspamd".path;
|
||||
rspamdSecretPath = "/run/rspamd/rspamd-controller-password.inc";
|
||||
in
|
||||
{
|
||||
networking.firewall.allowedTCPPorts = [ 8080 ];
|
||||
|
||||
imports = [
|
||||
(import ../../../modules/stalwart.nix {
|
||||
inherit domain;
|
||||
|
||||
enableNginx = false;
|
||||
dkimKey = config.sops.secrets."stalwart/dkimKey".path;
|
||||
adminPassFile = config.sops.secrets."stalwart/adminPassword".path;
|
||||
dbPassFile = config.sops.secrets."stalwart/db".path;
|
||||
acmeConf = {
|
||||
directory = "https://acme-v02.api.letsencrypt.org/directory";
|
||||
origin = "${domain}";
|
||||
contact = "admin@${domain}";
|
||||
domains = [
|
||||
domain
|
||||
fqdn
|
||||
];
|
||||
challenge = "dns-01";
|
||||
cache = "${config.services.stalwart-mail.dataDir}/acme";
|
||||
certs."default" = {
|
||||
default = true;
|
||||
provider = "cloudflare";
|
||||
renew-before = "30d";
|
||||
secret = "%{file:${config.sops.secrets."cloudflare/secret".path}}%";
|
||||
cert = "%{file:${config.security.acme.certs.${fqdn}.directory}/cert.pem}%";
|
||||
private-key = "%{file:${config.security.acme.certs.${fqdn}.directory}/key.pem}%";
|
||||
};
|
||||
ldapConf = {
|
||||
type = "ldap";
|
||||
|
|
@ -39,17 +46,19 @@ in
|
|||
base-dn = "ou=people,dc=net,dc=dn";
|
||||
attributes = {
|
||||
name = "uid";
|
||||
email = "mailRoutingAddress";
|
||||
email = "mail";
|
||||
email-alias = "mailRoutingAddress";
|
||||
secret = "userPassword";
|
||||
description = [
|
||||
"cn"
|
||||
"description"
|
||||
];
|
||||
class = "objectClass";
|
||||
groups = [ "memberOf" ];
|
||||
};
|
||||
filter = {
|
||||
name = "(&(objectClass=inetOrgPerson)(|(uid=?)(mail=?)(mailRoutingAddress=?)))";
|
||||
email = "(&(objectClass=inetOrgPerson)(mailRoutingAddress=?))";
|
||||
email = "(&(objectClass=inetOrgPerson)(|(mailRoutingAddress=?)(mail=?)))";
|
||||
};
|
||||
bind = {
|
||||
dn = "cn=admin,dc=net,dc=dn";
|
||||
|
|
@ -62,4 +71,135 @@ in
|
|||
})
|
||||
];
|
||||
|
||||
services.stalwart-mail.settings.spam-filter.enable = !config.services.rspamd.enable;
|
||||
|
||||
services.stalwart-mail.settings.session.milter."rspamd" = mkIf config.services.rspamd.enable {
|
||||
enable = mkCondition "listener = 'smtp'" true false;
|
||||
hostname = "127.0.0.1";
|
||||
port = rspamdPort;
|
||||
stages = [
|
||||
"connect"
|
||||
"ehlo"
|
||||
"mail"
|
||||
"rcpt"
|
||||
"data"
|
||||
];
|
||||
tls = false;
|
||||
allow-invalid-certs = false;
|
||||
options = {
|
||||
tempfail-on-error = true;
|
||||
max-response-size = 52428800; # 50mb
|
||||
version = 6;
|
||||
};
|
||||
};
|
||||
|
||||
services.rspamd = {
|
||||
enable = true;
|
||||
locals = {
|
||||
"redis.conf".text = ''
|
||||
servers = "${config.services.redis.servers.rspamd.unixSocket}";
|
||||
'';
|
||||
"classifier-bayes.conf".text = ''
|
||||
backend = "redis";
|
||||
autolearn = true;
|
||||
'';
|
||||
"dkim_signing.conf".text = ''
|
||||
enabled = false;
|
||||
'';
|
||||
"milter_headers.conf".text = ''
|
||||
enabled = true;
|
||||
extended_spam_headers = true;
|
||||
skip_local = false;
|
||||
use = ["x-spamd-bar", "x-spam-level", "x-spam-status", "authentication-results", "x-spamd-result"];
|
||||
authenticated_headers = ["authentication-results"];
|
||||
'';
|
||||
};
|
||||
localLuaRules =
|
||||
pkgs.writeText "rspamd-local.lua"
|
||||
# lua
|
||||
''
|
||||
-- Temporary fix for double dot issue rspamd#5273
|
||||
local lua_util = require("lua_util")
|
||||
|
||||
rspamd_config.UNQUALIFY_SENDER_HOSTNAME = {
|
||||
callback = function(task)
|
||||
local hn = task:get_hostname()
|
||||
if not hn then return end
|
||||
local san_hn = string.gsub(hn, "%.$", "")
|
||||
if hn ~= san_hn then
|
||||
task:set_hostname(san_hn)
|
||||
end
|
||||
end,
|
||||
type = "prefilter",
|
||||
priority = lua_util.symbols_priorities.top + 1,
|
||||
}
|
||||
'';
|
||||
workers = {
|
||||
rspamd_proxy = {
|
||||
type = "rspamd_proxy";
|
||||
includes = [ "$CONFDIR/worker-proxy.inc" ];
|
||||
bindSockets = [
|
||||
"*:${toString rspamdPort}"
|
||||
];
|
||||
extraConfig = ''
|
||||
self_scan = yes;
|
||||
'';
|
||||
};
|
||||
controller = {
|
||||
type = "controller";
|
||||
includes = [
|
||||
"$CONFDIR/worker-controller.inc"
|
||||
];
|
||||
extraConfig = ''
|
||||
.include(try=true; priority=1,duplicate=merge) "${rspamdSecretPath}"
|
||||
'';
|
||||
bindSockets = [ "127.0.0.1:${toString rspamdWebPort}" ];
|
||||
};
|
||||
};
|
||||
overrides."whitelist.conf".text = ''
|
||||
whiltelist_from {
|
||||
${domain} = true;
|
||||
}
|
||||
'';
|
||||
};
|
||||
|
||||
systemd.services.rspamd = mkIf config.services.rspamd.enable {
|
||||
path = [
|
||||
pkgs.rspamd
|
||||
pkgs.coreutils
|
||||
];
|
||||
serviceConfig = {
|
||||
ExecStartPre = [
|
||||
"${pkgs.writeShellScript "generate-rspamd-passwordfile" ''
|
||||
RSPAMD_PASSWORD_HASH=$(rspamadm pw --password $(cat ${rspamdSecretFile}))
|
||||
echo "enable_password = \"$RSPAMD_PASSWORD_HASH\";" > ${rspamdSecretPath}
|
||||
chmod 770 "${rspamdSecretPath}"
|
||||
''}"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
services.redis.servers.rspamd = {
|
||||
enable = true;
|
||||
port = 0;
|
||||
user = config.services.rspamd.user;
|
||||
};
|
||||
|
||||
security.acme = {
|
||||
acceptTerms = true;
|
||||
certs."${fqdn}" = {
|
||||
inheritDefaults = false;
|
||||
group = config.systemd.services.stalwart-mail.serviceConfig.Group;
|
||||
dnsProvider = "cloudflare";
|
||||
dnsResolver = "1.1.1.1:53";
|
||||
server = "https://acme-v02.api.letsencrypt.org/directory";
|
||||
validMinDays = 30;
|
||||
email = "dachxy@${domain}";
|
||||
extraDomainNames = [ domain ];
|
||||
environmentFile = config.sops.secrets."cloudflare/secret".path;
|
||||
postRun = ''
|
||||
systemctl reload stalwart-mail
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
87
system/dev/dn-pre7780/services/nextcloud.nix
Normal file
87
system/dev/dn-pre7780/services/nextcloud.nix
Normal file
|
|
@ -0,0 +1,87 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
let
|
||||
hostname = "drive.dnywe.com";
|
||||
port = 31007;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
(import ../../../modules/nextcloud.nix {
|
||||
configureACME = false;
|
||||
hostname = hostname;
|
||||
adminpassFile = config.sops.secrets."nextcloud/adminPassword".path;
|
||||
trusted-domains = [
|
||||
hostname
|
||||
];
|
||||
trusted-proxies = [ "10.0.0.0/24" ];
|
||||
whiteboardSecrets = [
|
||||
config.sops.secrets."nextcloud/whiteboard".path
|
||||
];
|
||||
})
|
||||
];
|
||||
|
||||
services.nextcloud = {
|
||||
https = lib.mkForce false;
|
||||
extraApps = {
|
||||
inherit (config.services.nextcloud.package.packages.apps) spreed;
|
||||
|
||||
twofactor_totp = pkgs.fetchNextcloudApp {
|
||||
url = "https://github.com/nextcloud-releases/twofactor_totp/releases/download/v6.4.1/twofactor_totp-v6.4.1.tar.gz";
|
||||
sha256 = "sha256-Wa2P6tpp75IxCsTG4B5DQ8+iTzR7yjKBi4ZDBcv+AOI=";
|
||||
license = "agpl3Plus";
|
||||
};
|
||||
|
||||
twofactor_nextcloud_notification = pkgs.fetchNextcloudApp {
|
||||
url = "https://github.com/nextcloud-releases/twofactor_nextcloud_notification/releases/download/v3.9.0/twofactor_nextcloud_notification-v3.9.0.tar.gz";
|
||||
sha256 = "sha256-4fXWgDeiup5/Gm9hdZDj/u07rp/Nzwly53aLUT/d0IU=";
|
||||
license = "agpl3Plus";
|
||||
};
|
||||
|
||||
twofactor_email = pkgs.fetchNextcloudApp {
|
||||
url = "https://github.com/nursoda/twofactor_email/releases/download/2.8.2/twofactor_email.tar.gz";
|
||||
sha256 = "sha256-zk5DYNwoIRTIWrchWDiCHuvAST2kuIoow6VaHAAzYog=";
|
||||
license = "agpl3Plus";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
users.groups.signaling = {
|
||||
};
|
||||
|
||||
users.users.signaling = {
|
||||
isSystemUser = true;
|
||||
group = "signaling";
|
||||
};
|
||||
|
||||
systemd.services.nextcloud-spreed-signaling = {
|
||||
requiredBy = [
|
||||
"multi-users.target"
|
||||
"phpfpm-nextcloud.service"
|
||||
];
|
||||
serviceConfig = {
|
||||
User = "signaling";
|
||||
Group = "signaling";
|
||||
ExecStart = "${lib.getExe' pkgs.nextcloud-spreed-signaling "server"} --config ${
|
||||
config.sops.secrets."nextcloud/signaling.conf".path
|
||||
}";
|
||||
};
|
||||
};
|
||||
|
||||
services.nats = {
|
||||
enable = true;
|
||||
settings = {
|
||||
host = "127.0.0.1";
|
||||
};
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."${hostname}".listen = lib.mkForce [
|
||||
{
|
||||
port = port;
|
||||
addr = "0.0.0.0";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
|
@ -3,7 +3,9 @@ wireguard:
|
|||
dovecot:
|
||||
openldap: ENC[AES256_GCM,data:U3YYreEqoh+F0Mrli52jgQowrUqIUPmdQps=,iv:vTjHBFsue+89GOCDigVIktgGSZNZv8A2e3GM80o6TXc=,tag:GGh+hsT+yV/I12meXxflbQ==,type:str]
|
||||
nextcloud:
|
||||
adminPassword: ENC[AES256_GCM,data:8LjI2/vQ9aHQfZSMumnjBw==,iv:1hfhKz58v10JfPgipueQVOtlCgBXwruA00BOkhjuN/E=,tag:y/vqcztye4Xlokpbm/jHiw==,type:str]
|
||||
adminPassword: ENC[AES256_GCM,data:69NrA/iP0sfrkdv8ahv7I+ZY,iv:/TXTs0fZw64HELdGr5CzgToO2L2G2mCNdN4Zexz8p+o=,tag:p2hNTxv1xdYmEJ6ZAO3w3Q==,type:str]
|
||||
whiteboard: ENC[AES256_GCM,data:qcZOLX1qJyciKm+4uuOVIopZXG70Jg9Grc07SCjG5ww9DK0myzdqlfWeZKdTsOyTBLMyCE9K7lC5rtBFeSv3ZeqkAUXTQt9QiAN05+tTpHk=,iv:v6fgSz/eh8MZANSbLbeSrKVOdX09pHYZ599BK8Ug2Lo=,tag:JTezfqrInm82K3gB0zpniw==,type:str]
|
||||
signaling.conf: ENC[AES256_GCM,data:Ede61FM7k3VQHt4hO7O4UOE0p5nHk8lYsqaNWh8ZxfdGRJoMoLJYFcJs8nemAj1AGCh1Ep4ehtgQGcFfILUcek280m4paSIfaE2cwsI+1F+diXn98YmsmiR3swryw518gmfTZ7DrHlns7EWr/Udflz91F5+CKAuPNKtsYRSkB4KmJmEc4k2ioPus7hHEz/edLqA4mob/DuRXrWmFkDtlEj4I9aS5CJpyeDrsYoticnp5/QCWBnpxN2itqvbwjspid085Us7p4wbrM7Di/gPjj0D84Hw4biOLWSHm1oMRXqXIBP3ntPvvKJ2sKy7czcbeIGeJAIwEctStG7hqLAv3bfxiMn8DQ8eNp/xWw6tnwYklS4KCBJbDUucGvNcSx41JLCm+TShxaPIv/l6y+Z7Hkvri1WW2WSRvRsMFFEy3PrZLu0GstESYyARBrVdJ+OdaEtt3tthYLCUQcTT5xd484TTEyF9z3d5CBPC62BXZBdFRyEPD696nXV0ztVTBz2oWCmD6jHL0v+nTn3sojTDet0vmPo6o6cE0RqX6G/oVx+Y9l52QirFxOaNALk3R1l/lvXhDhlrAp8EldGhfnZf8y7X2HoC/XHQud9pA0N89Xrgp/Ak+9d+tRtmr4icLNVtwBg91md9P1tCyqPTUGR3JHc1KtmDHVI3NqgekUAmHrNRE5m633fchV2sTYSOfvdtL,iv:/xlMQoexPA9rXIlMd7bTQY1ojHuprBX/5quVSnNslvI=,tag:geAR+vPBmDB37/oSnnpqSA==,type:str]
|
||||
openldap:
|
||||
adminPassword: ENC[AES256_GCM,data:jEGuzgs5QTWfdyJenC3t3g==,iv:StfFOcvbDapnma6eAlpaGiBWnqiD3I/wfQsMBzufol0=,tag:892q7N4KrsSQoZYGy6CQrA==,type:str]
|
||||
lam:
|
||||
|
|
@ -11,13 +13,11 @@ lam:
|
|||
stalwart:
|
||||
adminPassword: ENC[AES256_GCM,data:hHQlmztndbB8Ct5Zig8BChz1,iv:kDgSVglIKxEghV/lkcKKxKCzgwVJqcH4l8aXYt7k+W8=,tag:vD14vP2iJEOG4WR6djab1A==,type:str]
|
||||
tsig: ENC[AES256_GCM,data:wxsM/dbkW2fNf86b6TsLRNAce19h7mBEuSzFT84aIlaVZA/S29g1U4/CAwD4b+h/XfBgpZQCJf/9yT3yo6dbGAIAk5UgjV2cNY9pO1/uF1T6xoKDgfRZxA==,iv:9BvP8vQkTTEaNgYUPfQcfEMcWqDyD045EPBr7NyHmO4=,tag:coBBAe62kpe/L0S6V8NhXg==,type:str]
|
||||
db: ENC[AES256_GCM,data:ZRZ2ZzUotYMe2GfkMS7o7dz0aGg=,iv:ys6ogueueESp0y6A+hUG9zTnqmCVobuIzyqA4WVtewo=,tag:p74G+8XhMcpgDnIfh1aXTg==,type:str]
|
||||
dkimKey: ENC[AES256_GCM,data:oi+XvZ9hMMsgMtFnGPMbVBGagkwQzcPQDi1b0Zd54615V5yuOLHZxpLT5Z3LYlCOQmOcrCaIwn8lQKIZbAuAq6HDUVlNabjgnHeoq3XRIvcswO/B9pljL/22JCZleSrWSBh+WE+RwQIcqUIr0eNerXCUaAQLTE8lYn6mJMa/OoHJJ3R498OGyM/8rbuIMfKj5eqJnctsd9lRWeNmiq7hpQKJ8syLXMsRM9y79NJTPGJrIAJ/5F8SfUJ256/S2N25Cq61pkaXWxTcZzXFgAGU/sa3zsY86BRwEnFEVRMnygJWrVZW/ABYgRjL99r6OBQM8WTFpE8cK9GZTpylTm+QCS9lHsAA2rnUfLTs/09z41klbGSAu5jfokM5jhyFIjmDm9h3hEk4l0F4KTWgQ7avWqGVx4yVPktrVS6eh6W7+I0V6BOUhzH0Pp9xXWwhbFrMPYAYK5MQSLAS5nd3RCQWrxZwWh//ATiWdngUeWPyObxXSTmoV254k230sT39jQmqmTK5zIkOBvokPps9q3nPq1i3UIkSAXo0ZWI+GHiL1rnzJkMMGViugJdGEwUf8nWlYMcYkHmDRUZam6DIxzkf5svtd+kbDTxRa4GzeJrOYizgwDGpD5vRA9u8i7MYBS1Rhw3UVqZ9gkjtv8mqoOkDqVnHVnS2UPtsircecvjHmhu4Tq4hn8phX3F+2I8lhXUIalzPng5zjPGNUcDT+SoCbNeHuSWDDmMYQtzM3/xwae9quP9FXhr9IGGygmFUPGsl3cuxSJ3+Cq9/Hhd7bnTYnxYfv781qTmZsFclMUWNxUJQWLJ+5BQz6u1zW64wh+5SHUGrw7CHFsdgNAKv7YN+GJMNTHOjZr9RTL9R8opDm8Iho5IyQjMP401+DY30mOCq03WKJiC8qehgoaH16ssNV6ZuoHldu2N6JKmiwywgTRq8zQEo8jPnro772CQ9Tg0/5PnkhdlLdphDEIp60IbM+XWqMNwHY57fm6U+81PcgtsoRmI5OklrrhQjv+1aRgz0vRM80FOHMv7kxgEdNkb1x15B4g0ocBXEdLuxJEVaW4uWlP9EIivXOWwaPZf1QjT8ISuUQlFMXvtNj/V3SraW3K1bErJL5JnI16z803kdoAqYijf3IrRK49SKoCq6B2V8yo8iCRod2GFt1P3ADKb/uvJ6iCBSlFRFwiJYr8qu7TPXFCpsoySEmr1edBQdAkzXxFZLDMczHq2BzUo2RPfwtDubG1GMWxzrbZ1T6N3j1+GXiyTX7XuKdpSpFlXtPuJcCIrX4D4xnjv1SqqXEcKJO9oUcdMK6+Eem7wtVDBDDYpWellT+bLmtouvdEgjYE8VG5UGJJ5NpYoJAce9c7RE5/ozuvUH+uMfqfb8igZQlBMl6hbqO7j8m11i+ijS9T6Wu2DCSVIqqBHu8bouz1vyfq8l/whJCl1BkaZtiE5+NLkHoYSOuXGtVvEuXwMhvCWdnkxJtHZxxXQuCcBcVkD9Edg0YTslGv+XUvaYRlfZUqypqYZ9zJ21en9XPK3zafZ5gRLdY0xhXN4OKbGrXXL4cm5jfroTeez9iIL4fJGcA80PRHUGoLfK7ht2z0Lq3U91F4jz5KEhbaDtWDcMryr1Bwb6UXgLrezNM290g8J3GpXLBAdvqDXK79jSdPNqptGYt++VDeCdtA+P3z9K6aMWZzPURkLXxZ1bWy5YXP03MIkUpZWsc5lQmccUiyFe/Y+d9RSAZClmVxsQAY5y90d42EhkrOag06geziV9aaxgr57LdoPJQabD48bIbFFvimhV2DS3Gf/7gFtCXlm9oZiIqSHG+1TMKRp8XVwn6f70d76/Ba5Uiu0EX8V2x0Dsnin6GGynMBFCPKPXssHRe71SfRVxPJrzlLjtfTdPuzW5Q2k/U//z9SWd6Ao3+mzsbTC8MAYGeIzeE4GdsTs4ViEQWg5sSMSfjeKOFfgpTQi20LGomjF4gtTfnchEUBcUAarV6+hT/inYG2SlglyWwr2+LE3Ua5FWRXsZu4tBHcfE0axIb6Ju5KeogPVPo6cNoJCR2XLPNQakB9ONniCxPTW6zOx8h/A2UeIWMgbAn/jNYdd4kFu1IWBAQaZg5kSg1KmSAtnKgFmhb8A0Ope8h5fKfdX5tf0ulW0bjBz+rqNf2FQwcB/ScuEc65LSX+b0bzvIILuZfSRytFQpaQ4svjjA6mP4VIRoPRkkRl+gTEO+Ue4No4VZGE9+YdRFZ7OmtH6S1e5vu1rBiLuTVayHjuSWRu0OmxDiErP6uXPy8Q==,iv:Q5g9kxJKEKLHge2mcgk/UnTNMDFjzeLFLNjlY8KWe60=,tag:yL03NWRK2whOxNjcR3cPyA==,type:str]
|
||||
ldap: ENC[AES256_GCM,data:ygOPMCNIxvWxE9dPBeKGbA==,iv:t+p1/vjEZNDTw7LcaitzYv2xCPtlf/mmQhqXT1OFKXs=,tag:uPYp259FHZu5fut+Bc9eSA==,type:str]
|
||||
acme:
|
||||
pdns: ENC[AES256_GCM,data:eKnahc8HWboYCUpBuEUrdCMhN8A2N2VN0wrmzcyU2OfMeQaswIYSWV4sBzUbj/pono8PaVxK1FBKsn+Ycd4Y6tcxsAkbPfnPkOsbe0FJpz4t9RFLJBLw3U0YTE/TaURiDYipHnvPGYgyq3AziH/xa4WXZxLHGI0x+a/y3PpWy37rT87DWUT2kktPshdO7Mbwn7nSC78WByXmyaUMkT74Sc0FNmCgfijrHk/ATXGb,iv:y3eRZXFbqqf4VuuqHHYdIoiEa1zqRU1XIlEqooJ28lU=,tag:2bIALJFGZyIZT7fyo/y5Nw==,type:str]
|
||||
cloudflare:
|
||||
secret: ENC[AES256_GCM,data:tritGdt3bWm/YtfdF2kO8qIBisa2rGF9/Dpl8R79e6REe//YKZFqFg==,iv:UG53JZ55+gDCPJzKjbVaWnpgOdvqcRoDUg8ef9xOV9A=,tag:JD3s28dsA9G2fqtz4soATA==,type:str]
|
||||
secret: ENC[AES256_GCM,data:Ktk7BtyjaDeOc4Okflz/ZBYpJ7Uy1SeEBV6ofWcToZsvCDT6aTVxGrAKEHIE/eknvnyWOFeSQv/z/Q==,iv:x2ymbLwa1E2FzdomISeyhchya5bowgieO/XuOnoi81w=,tag:Nj+1DRnbvcwiLiEeu2WaRQ==,type:str]
|
||||
netbird:
|
||||
oidc:
|
||||
secret: ENC[AES256_GCM,data:hSVMUEBL0kCvRLD3zd57SLhNIAFOR4eaJPcIIIIUJng=,iv:VhfseftQNlXSDCWuaYQUIklMUCkUbChyWbJl3qgD75M=,tag:vbqov0VgA0XNZfzcr3FZgA==,type:str]
|
||||
|
|
@ -26,6 +26,7 @@ crowdsec:
|
|||
lapi.yaml: ENC[AES256_GCM,data:BpDlz/liFYVZTA66TMWDifGfT4R9l0W9/LOU33rrPVC4YKeFbB1gIxqkUOEDl8fxsou5Jx/MQivyz90lE8yxbcGV/Zzx4ZJaHN+jz6mfM6mADEWp/nUcfO9tECijOhPPYt/8aE3py38NlFZuafZ2CwdL7RmDX7YCjpiIYxXaIjSv61WPD1SLkOkusnoA7bJZ2xmJ/dfEMXEA4LCCOfGQ,iv:922rrz94pD3/R1kGlQyIFkoq/fRSyxaIQ5qllldQMCY=,tag:AAPlwiQP4KMzHZmcMH76AQ==,type:str]
|
||||
capi.yaml: ENC[AES256_GCM,data:UuBESeHfKEPSIzP7RPNES0BVWwJsmPqLP3QJbAeAcm6eQ3sRzUSrVxY8A2yoiLD2lnuJPy2BbYHJpBR7VSfs7oUCc7LljgAp1uB2GH1y8YE46xJLo0TDp873bZJdcsO00ozsbtmWlGWJm7HLrzIUEe0mAjBzZeXe1WDJByGeVqupNLwpXSMaos2ktHjXA6hTGAdE5iIxBAXI6qjldWjRnlqE,iv:hZ2nUaOipU7Top0vsn23yU0XWP9SKcoj85xFo5hD/mU=,tag:32E2o+FOJXM9aMnLQA6KYA==,type:str]
|
||||
consoleToken: ENC[AES256_GCM,data:Q6QWWwcvLd8+ddwPMBzyB+X4gh8I53qSLA==,iv:JD48L59nQYttglAfuKL/lNBzWgBfj01rkIeP8pqmo70=,tag:6cxsQViDGuzjScKkBuO4Bw==,type:str]
|
||||
rspamd: ENC[AES256_GCM,data:8DryYdMyhzBqwqcbYUQ=,iv:5w21u3xqshRSf8IJbG16/Gf6AC2Zw6VnI3MOchN+w8A=,tag:OiiYUDT69SZObgOh1qCL0g==,type:str]
|
||||
sops:
|
||||
age:
|
||||
- recipient: age1uvsvf5ljaezh5wze32p685kfentyle0l2mvysc67yvgct2h4850qqph9lv
|
||||
|
|
@ -37,7 +38,7 @@ sops:
|
|||
MEdmWkFwNXZoR1ZVRnQ0aWlkYzZwSmsK0EFecUIdqlDKX08oRCoDQQ3QCX1wzb8w
|
||||
lghDJhWlfuKr+X24GoE4UK04aJVLqVMRRI4BJW+LQXeHS+dWKu3mQA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2025-10-13T06:51:06Z"
|
||||
mac: ENC[AES256_GCM,data:1+X8f7lPwN+ELJ4DmkTN71Kzvvh4V3yiMilOOnz4NCqLRPdtpiQQz8W4VXkOkBONV5816IOCU2Br4kiQnPAkPEiwpJZzWQItqomZTp4gErSGmmMpVf2lbCRfsU2Eg1tgAaS1ZRQx8/o1vSIJtoPVKiqYdYSsNDx2zbafWqn9+Rk=,iv:uZ4BWoJB6LazGy+RAzdhB8uUCSa109R4TdE6PguryR8=,tag:5G0GRihPQKl9n/fJjZr/Jw==,type:str]
|
||||
lastmodified: "2025-11-22T10:29:33Z"
|
||||
mac: ENC[AES256_GCM,data:hcqqPP7EEDrFWwKU3Yl0XM6h17pLXBsmISMd94qYzaxmT/nKnF5bn8dq6M1C9t0Q0vvLjrPm94Gv2HPPJOX960whYMfwuXv/RkORJGb4qXdkXsGJaCrR9M51HArrd7Ba3pjoEyp3Jz9xTNrqg8kCDphBs0oZRV6dQDJUTdLbR50=,iv:eH5T27fthAad/dM5NxXyQawiVmTGgwJbeRXAiut9kL4=,tag:3lGkJMZKo8O1Zm1fB3DJ9Q==,type:str]
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.11.0
|
||||
|
|
|
|||
|
|
@ -10,6 +10,14 @@ in
|
|||
owner = "nextcloud";
|
||||
group = "nextcloud";
|
||||
};
|
||||
"nextcloud/signaling.conf" = mkIf config.services.nextcloud.enable {
|
||||
owner = "signaling";
|
||||
group = "signaling";
|
||||
mode = "0640";
|
||||
};
|
||||
"nextcloud/whiteboard" = mkIf config.services.nextcloud.enable {
|
||||
owner = "nextcloud";
|
||||
};
|
||||
|
||||
"lam/env" = { };
|
||||
|
||||
|
|
@ -39,6 +47,15 @@ in
|
|||
owner = "crowdsec";
|
||||
mode = "0600";
|
||||
};
|
||||
"cloudflare/secret" = mkIf (hasAttr "acme" config.users.users) {
|
||||
owner = "acme";
|
||||
mode = "0600";
|
||||
};
|
||||
"rspamd" = mkIf config.services.rspamd.enable {
|
||||
owner = config.services.rspamd.user;
|
||||
group = config.services.rspamd.group;
|
||||
mode = "0660";
|
||||
};
|
||||
}
|
||||
// (optionalAttrs config.services.stalwart-mail.enable (
|
||||
let
|
||||
|
|
@ -52,15 +69,6 @@ in
|
|||
"stalwart/tsig" = {
|
||||
inherit group owner;
|
||||
};
|
||||
"stalwart/db" = {
|
||||
inherit group owner;
|
||||
};
|
||||
"stalwart/dkimKey" = {
|
||||
inherit group owner;
|
||||
};
|
||||
"cloudflare/secret" = {
|
||||
inherit group owner;
|
||||
};
|
||||
"stalwart/ldap" = {
|
||||
inherit group owner;
|
||||
};
|
||||
|
|
|
|||
|
|
@ -3,6 +3,6 @@
|
|||
../../../modules/localsend.nix
|
||||
./airplay.nix
|
||||
./davinci-resolve.nix
|
||||
./blender.nix
|
||||
# ./blender.nix
|
||||
];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -19,6 +19,8 @@ in
|
|||
"maps.rspamd.com"
|
||||
"cdn-hub.crowdsec.net"
|
||||
"api.crowdsec.net"
|
||||
"mx1.daccc.info"
|
||||
"mx1.dnywe.com"
|
||||
];
|
||||
allowedIPs = [
|
||||
"10.0.0.0/24"
|
||||
|
|
@ -43,6 +45,7 @@ in
|
|||
'';
|
||||
|
||||
imports = [
|
||||
../public/dn/default.nix
|
||||
./common
|
||||
./home
|
||||
./network
|
||||
|
|
|
|||
|
|
@ -384,7 +384,15 @@ in
|
|||
"test.local." = "127.0.0.1:5359";
|
||||
};
|
||||
forwardZonesRecurse = {
|
||||
"." = "168.95.1.1";
|
||||
# ==== Rspamd DNS ==== #
|
||||
"multi.uribl.com." = "168.95.1.1";
|
||||
"score.senderscore.com." = "168.95.1.1";
|
||||
"list.dnswl.org." = "168.95.1.1";
|
||||
"dwl.dnswl.org." = "168.95.1.1";
|
||||
|
||||
# ==== Others ==== #
|
||||
"tw." = "168.95.1.1";
|
||||
"." = "8.8.8.8";
|
||||
};
|
||||
dnssecValidation = "off";
|
||||
dns.allowFrom = [
|
||||
|
|
@ -395,6 +403,7 @@ in
|
|||
dns.port = 5300;
|
||||
yaml-settings = {
|
||||
webservice.webserver = true;
|
||||
recordcache.max_negative_ttl = 60;
|
||||
};
|
||||
};
|
||||
|
||||
|
|
@ -451,7 +460,6 @@ in
|
|||
|
||||
virtualisation = {
|
||||
oci-containers = {
|
||||
backend = "docker";
|
||||
containers = {
|
||||
uptime-kuma = {
|
||||
extraOptions = [ "--network=host" ];
|
||||
|
|
|
|||
|
|
@ -1,10 +1,11 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
inputs,
|
||||
system,
|
||||
...
|
||||
}:
|
||||
let
|
||||
inherit (pkgs.stdenv.hostPlatform) system;
|
||||
listenPort = 30098;
|
||||
in
|
||||
{
|
||||
|
|
|
|||
|
|
@ -58,7 +58,7 @@ in
|
|||
wantedBy = [ "timers.target" ];
|
||||
timerConfig = {
|
||||
OnBootSec = 10;
|
||||
OnUnitActiveSec = 60;
|
||||
OnUnitActiveSec = 360;
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
imports = [
|
||||
./actual-budget.nix
|
||||
./bitwarden.nix
|
||||
./docmost.nix
|
||||
# ./docmost.nix
|
||||
./mail-server.nix
|
||||
./nextcloud.nix
|
||||
./paperless-ngx.nix
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
{ config, ... }:
|
||||
{ config, lib, ... }:
|
||||
let
|
||||
inherit (lib) mkForce;
|
||||
inherit (config.systemConf) username;
|
||||
in
|
||||
{
|
||||
|
|
@ -46,6 +47,30 @@ in
|
|||
'';
|
||||
secretFile = config.sops.secrets."ldap/password".path;
|
||||
webSecretFile = config.sops.secrets."ldap/env".path;
|
||||
olcAccess =
|
||||
let
|
||||
olcDN = "dc=net,dc=dn";
|
||||
in
|
||||
[
|
||||
''
|
||||
{0}to attrs=userPassword
|
||||
by peername="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage
|
||||
by dn.exact="cn=admin,${olcDN}" manage
|
||||
by dn.exact="uid=admin,ou=people,${olcDN}" manage
|
||||
by self write
|
||||
by anonymous auth
|
||||
by * none
|
||||
''
|
||||
''
|
||||
{1}to *
|
||||
by peername="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage
|
||||
by dn.exact="cn=admin,${olcDN}" manage
|
||||
by dn.exact="uid=admin,ou=people,${olcDN}" manage
|
||||
by self read
|
||||
by anonymous auth
|
||||
by * none
|
||||
''
|
||||
];
|
||||
};
|
||||
rspamd = {
|
||||
secretFile = config.sops.secrets."rspamd".path;
|
||||
|
|
@ -55,4 +80,30 @@ in
|
|||
enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
services.openldap.settings.attrs.olcLogLevel = mkForce "config";
|
||||
|
||||
services.postfix.settings.main = {
|
||||
# internal_mail_filter_classes = [ "bounce" ];
|
||||
};
|
||||
|
||||
services.rspamd = {
|
||||
locals."logging.conf".text = ''
|
||||
level = "debug";
|
||||
'';
|
||||
locals."settings.conf".text = ''
|
||||
bounce {
|
||||
id = "bounce";
|
||||
priority = high;
|
||||
ip = "127.0.0.1";
|
||||
selector = 'smtp_from.regexp("/^$/").last';
|
||||
|
||||
apply {
|
||||
BOUNCE = -25.0;
|
||||
}
|
||||
|
||||
symbols [ "BOUNCE" ]
|
||||
}
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,11 +4,16 @@
|
|||
(import ../../../modules/nextcloud.nix {
|
||||
hostname = "nextcloud.net.dn";
|
||||
adminpassFile = config.sops.secrets."nextcloud/adminPassword".path;
|
||||
trusted-domains = [ "nextcloud.daccc.info" ];
|
||||
trusted-proxies = [ "10.0.0.0/24" ];
|
||||
whiteboardSecrets = [
|
||||
config.sops.secrets."nextcloud/whiteboard".path
|
||||
];
|
||||
})
|
||||
];
|
||||
|
||||
services.nextcloud = {
|
||||
extraApps = {
|
||||
inherit (config.services.nextcloud.package.packages.apps) music;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -19,7 +19,11 @@ in
|
|||
upstream-base-url = "https://ntfy.sh";
|
||||
behind-proxy = true;
|
||||
proxy-trusted-hosts = "127.0.0.1";
|
||||
auth-default-access = "deny-all";
|
||||
enable-login = true;
|
||||
auth-file = "/var/lib/ntfy-sh/user.db";
|
||||
};
|
||||
environmentFile = config.sops.secrets."ntfy".path;
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts = {
|
||||
|
|
|
|||
|
|
@ -6,14 +6,4 @@
|
|||
passwordFile = config.sops.secrets."paperless/adminPassword".path;
|
||||
})
|
||||
];
|
||||
|
||||
# OIDC
|
||||
services.paperless = {
|
||||
settings = {
|
||||
PAPERLESS_APPS = "allauth.socialaccount.providers.openid_connect";
|
||||
PAPERLESS_SOCIAL_AUTO_SIGNUP = true;
|
||||
PAPERLESS_SOCIAL_ALLOW_SIGNUPS = true;
|
||||
};
|
||||
environmentFile = config.sops.secrets."paperless/envFile".path;
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -40,6 +40,7 @@ crowdsec:
|
|||
capi.yaml: ENC[AES256_GCM,data:+13mu3XXst8J5okb+jQ/IPOd5TfdcDgLuTP8L46U53GTgTJChQoT4Ttw6xKQhp6L7vNoArQBQL66leRt3DEXATUjxl/Zoi2eymxqLn6/NUpPkv0g7hszJGVbMZEUGjo3IAk5ZRQWaNXHA9mRq/OkHzpMMM6ZpCd0KpY92QbLSHxJ6yUMazL1Wh4hwvyWyN6lLxujrgnZWOQDPZYQmIi+c/Af,iv:OO+Ujqq89SbWcRoqhwiJX2jtIJIUrtgG9xll7WuDhzw=,tag:R+Mx2UAkwA238quvMKCBLQ==,type:str]
|
||||
consoleToken: ENC[AES256_GCM,data:G/UfbMqHW0lecT7vKmZsusvXzgxz6apdRQ==,iv:JJTN1RPhFNMd2gqE3Vw2FvC+bA/vgOiYNfBhr96veIw=,tag:HKbhtwCWkLte8e8uGDt2Gw==,type:str]
|
||||
opencloud: ENC[AES256_GCM,data:NrhvojLoMUbGkWNkfDN12iAU70F9o1MXa3m8RzYtcBU1r9zk0e+4ZlPAqw2SIobMDC3vo3few7cA21ruYGP2p36lskG6UjafyJPJoHQcxlq04Kp/9GVeSsvI3KP08WLmoaBqk6b+f1K57P4OzSHPYKQ4/f51B4yhmt8n/DNg7RgF8wNKi4KUTOBuC/j+T+51vsJdjqHUuBi1y2ZqaolAwfEYbnswNVJUcOxHUezIAGke/22U0fS01+p1JQ/PAzSeDdxuX8dAMDVYHHZ13A07kXIRchpSb63Y5pTLUUAl25zAaSYoq+fZ0s61DZrYCaityZCishhCpJwmyoOsCWEesOpRFYNjIALIxWmM9b3aU/5G1WNiPRdlfvZpowhm3r+4X7QGCoXvuoI94l8DuXW7wN77XhLr7s4w,iv:TrUgpRHN7NYFZw+tihcxJ+dhNi4nIuNHMxNWgCE53AA=,tag:YZNL/Pv8S0hYtSt5IBE1GA==,type:str]
|
||||
ntfy: ENC[AES256_GCM,data:BapVKt2WzKLMP6KsxZ32+SS0mpIy0waqUTI7Rj0yyWA1mF9bstp0VfRv/6Dna41ttecFjyLRMmlF0jLqHXcNtqmlB3lHiE5IvVcEadjGB5C1fcQKrj5CveVPecvxzc+CfMMt4tlzike9TYL2tP5siGQzU7HvpNfIlT/Qfi40j8l7eT+Tne+XAadu/GQ1CH5dWKr8gPrR8fpfw6CgDvvc05SBLlfM2LsfTxz/UNV3vAbfRLchCsqd9s9jcR4UJPoJv6HVe480HXgY5SLcZA/Gh58=,iv:MqYwns9JITCskQo+ADgWghfRCwiSV+IGdUvi568Fmrc=,tag:Re20TMCnk5EA+X9wQRYg3w==,type:str]
|
||||
sops:
|
||||
age:
|
||||
- recipient: age17rjcght2y5p4ryr76ysnxpy2wff62sml7pyc5udcts48985j05vqpwdfq2
|
||||
|
|
@ -69,7 +70,7 @@ sops:
|
|||
OFloWEFuTC9GTXJsMG5NNktmdmIrY1kK0yN0ae0xNaydujV5lt2FiwXdyursG0DK
|
||||
9i/B3TTAm9csDMMSTSFbiAUJDzG7kIqn++JU/cxvsGScSnhMqjEK/g==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2025-11-05T08:37:16Z"
|
||||
mac: ENC[AES256_GCM,data:Qyb0Zu2MSu3TVdhh6/5iEMhPBpb+hfYFwkxZUSreXxnMtRKRaasKrcjfG/pBWmublUoJpfN6MMSyg5dqKmtPTCFEA1h2TywjjR1elZao3Fj61artd2gTR60heWMzJ1rRdczgYLkTO4dWp0JB3ShF75T5XQM2kGSB/d2pvfYv4bA=,iv:p3ZNr/ZMQhAbF+KbpxqY3/0mz5kkJ8BcwO7yW3NU6l8=,tag:WS9hH77KeeMYVO9eNu5wWA==,type:str]
|
||||
lastmodified: "2025-11-22T18:17:35Z"
|
||||
mac: ENC[AES256_GCM,data:88NsRj8t483hQ1jWu3u+772he7G2oyybf+pcgyFoBpfrb5GZqXzlae7TpTqstRLvXLcvaXXWI+QUA9WKvuozHEZ2OPzP84JbTjj72POBaIf5k9jHwzNrbXdWPlQF0PLHjnguniDeKLMC8KI7Aypww7CM3N3Gkuyr6bVGGDIsPLw=,iv:D0O8HmtjYyTRd+ZeDkGctA79i+LVOh2f8B1vUjWYqPI=,tag:OU77+XJh9nOOo54fmj35kQ==,type:str]
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.11.0
|
||||
|
|
|
|||
|
|
@ -92,5 +92,9 @@ in
|
|||
group = config.services.opencloud.group;
|
||||
mode = "0600";
|
||||
};
|
||||
"ntfy" = mkIf config.services.ntfy-sh.enable {
|
||||
owner = config.services.ntfy-sh.user;
|
||||
mode = "0600";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
5
system/dev/public/dn/default.nix
Normal file
5
system/dev/public/dn/default.nix
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
{
|
||||
imports = [
|
||||
./yubikey.nix
|
||||
];
|
||||
}
|
||||
46
system/dev/public/dn/ntfy.nix
Normal file
46
system/dev/public/dn/ntfy.nix
Normal file
|
|
@ -0,0 +1,46 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
let
|
||||
inherit (config.systemConf) username;
|
||||
ntfyWrapper = import ../../../../home/scripts/ntfy.nix { inherit config pkgs lib; };
|
||||
in
|
||||
{
|
||||
sops.secrets."ntfy" = {
|
||||
owner = username;
|
||||
sopsFile = ../../public/sops/dn-secret.yaml;
|
||||
mode = "0600";
|
||||
};
|
||||
|
||||
home-manager.users."${username}" = {
|
||||
home.packages = [
|
||||
ntfyWrapper
|
||||
];
|
||||
|
||||
services.ntfy-client =
|
||||
let
|
||||
icon = builtins.fetchurl {
|
||||
url = "https://docs.ntfy.sh/static/img/ntfy.png";
|
||||
sha256 = "sha256:0igypv27phrhgiccvnrcvi543yz8k8rvsxkn4nha2l3xx92yx6r5";
|
||||
};
|
||||
in
|
||||
{
|
||||
enable = true;
|
||||
settings = {
|
||||
default-host = "https://ntfy.net.dn";
|
||||
subscribe = [
|
||||
{
|
||||
topic = "public-notifications";
|
||||
command = ''
|
||||
notify-send -i ${icon} "[$topic] $title" "$message"
|
||||
'';
|
||||
}
|
||||
];
|
||||
};
|
||||
environmentFile = config.sops.secrets."ntfy".path;
|
||||
};
|
||||
};
|
||||
}
|
||||
18
system/dev/public/dn/yubikey.nix
Normal file
18
system/dev/public/dn/yubikey.nix
Normal file
|
|
@ -0,0 +1,18 @@
|
|||
{
|
||||
config,
|
||||
...
|
||||
}:
|
||||
let
|
||||
inherit (config.systemConf) username;
|
||||
in
|
||||
{
|
||||
sops.secrets."u2f_keys" = {
|
||||
sopsFile = ../../public/sops/dn-secret.yaml;
|
||||
owner = username;
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /home/${username}/.config/Yubico - ${username} - - -"
|
||||
"L /home/${username}/.config/Yubico/u2f_keys - - - - ${config.sops.secrets."u2f_keys".path}"
|
||||
];
|
||||
}
|
||||
35
system/dev/public/sops/dn-secret.yaml
Normal file
35
system/dev/public/sops/dn-secret.yaml
Normal file
|
|
@ -0,0 +1,35 @@
|
|||
ntfy: ENC[AES256_GCM,data:7m7hwmDWu6qP/mX7QujXPiDAmRC542CKyWzFaOL5sHza,iv:nn1F44LSFmrV2USRDD0z8CNfUhi40LZnvoU3j0nklcU=,tag:WhqQpThDaG10kNTk1tZxOQ==,type:str]
|
||||
u2f_keys: ENC[AES256_GCM,data:boiKENOBo4hBWx9d+KVweCQrmFasDVUejuWrw60oPybPEW0pqTWz5GhQjfG6J0PWNFr/ObABT5eofKiSoy/pZ9uBQQGFO1nAA41axhI1Y9nuyBkkrNPYRnZsojdOcahNGMz1hplXTMzSdKgwutzA4/dsGG1ki/EOiuYRUgzQ/IzjEfqWGeBDlHoq9ohhTFFpsdNgZqgu23m3+Z0hcpquJdY3bhBi0L1nU3B88wJ7MiLyp2mVM3GA7i8jeIUmwqJCEuA3OkG3r3oUHO/l61N+0qtss8bmghf6bsJYtvkhCjXOiEE9R8dpCzjwXEhgAGcYiqiPWzLCl3WyYaytNlVJF/MHC+R0S1ruBV0RLrzCnvxaav8iqa4l3y2ErRB0qUgvO386suGNh2cEYTEEKF4GcQM6mzXbLzUqK4H+nGBC3SdArdphTIgWXP7C+romXzwgGVBLWW/4atRkj0ZF,iv:Rxke3HDAvcLv9sks5jDhNsfxXwSD4TgfGoN7v9HDntk=,tag:IkCsaFVPdgobd9+EX3CwIw==,type:str]
|
||||
sops:
|
||||
age:
|
||||
- recipient: age1uvsvf5ljaezh5wze32p685kfentyle0l2mvysc67yvgct2h4850qqph9lv
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4L0FPWGRWeVp5SEp2eUpr
|
||||
b1dvaWFBdHBmeEh5cE9Yd2FXV0lZYWNSZGowClJYRXRjdXNKTFNzTXdObXJZbXYr
|
||||
Y1F3ajJNRXhwbzRwMEphTFl0aUhvODgKLS0tIDFrZTN0NWdYU1Bvc0k4NVdWVVUw
|
||||
Q0xOT1JDNDdGWkR1a1FCc0U4YjBCVEUKR+EaZ39bDJWbJdbUey1EmQnJI+bTZ/PN
|
||||
7o1Dn+qqUtUATeNL8a2KuXAiJ8nVqjQGVvL5DLNrqmsgIxJMoRMH6g==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age1z6f643a6vqm7cqh6fna5dhmxfkgwxgqy8kg9s0vf9uxhaswtngtspmqsjw
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiUHlhYXZkdlBPNkV4UDh6
|
||||
aDk1aGFBbThZb3RZV0hJMDY0cW56dDN3L0Z3Ck15Smo2cXBFNUZNeWo1d2h2WHNk
|
||||
Qk1FbmFwTEhGK1UzSWF4c1d0YnFFTVkKLS0tIC9HVEczcDQzclhRZVVQNU5tOEh6
|
||||
WEE0aDRZaE1BQWVKWnpjamQrV3lwUmcKnFWVVNdgfNPgHMiL96568YjckHn4+GYJ
|
||||
Bt5/n9n9YkxZ22AgFyxjzDczDf9dXDmAPpP2PNlIlw+VaEhhUGWw+A==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age17rjcght2y5p4ryr76ysnxpy2wff62sml7pyc5udcts48985j05vqpwdfq2
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWY3kydFo1V05HbTBWaUtq
|
||||
emZvdm1rVEx2RWxuTGdidjdrMGNmMjZldVFnCmcxS0E3V1RpcGdsZldKLzdhKzIy
|
||||
eXJQbDJUeW1Va0FLcTBvcllkdGlTUWMKLS0tIEJPR2k2cHAvNXVQZHJNSmhYU3gz
|
||||
QWV3VjRjNC9RaXNwbDdLWmVQNS94UzAKeLZSqcXRwkVoUUKd4PuRusbJwFlubdJy
|
||||
kcxGMzvfT0BMYDp61vV+F5Vh4TkgddCzp6Lphbb/6orkWWpjmE9I4g==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2025-11-21T12:34:46Z"
|
||||
mac: ENC[AES256_GCM,data:jec/S+h3feoez+1OaWkZHAlSNhsLv8R4yXPIFjVUaYionJKMUAAizLtVsmpVHNRn8OCBhb7zi+Yk4GClZQqg/I8iTY3tzDTIJJsHoj+KsxuQohRASDikaYLTfdad44vin8ayxSKjSScK3JpwX5B12Rffx8DCPqUtXY0TGa0ULoQ=,iv:R1YiVCx3WDZO4b2d9TbdTnWmVmG4MQye4TUWWdIa4Yk=,tag:ACZoECWIqDRITghc8KwUsA==,type:str]
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.11.0
|
||||
43
system/dev/public/sops/secret.yaml
Normal file
43
system/dev/public/sops/secret.yaml
Normal file
|
|
@ -0,0 +1,43 @@
|
|||
ntfy: ENC[AES256_GCM,data:TIbbEDjzQOnFKtxVYCFJZNDoKD3IJT7a3fZusC0CNkE6,iv:c5+HExq2flbY6f9mlWK6PtYJigWFG7w1hzFxRiOnjw8=,tag:6fCCfA9n3oOKIoEzKmIkqg==,type:str]
|
||||
sops:
|
||||
age:
|
||||
- recipient: age1uvsvf5ljaezh5wze32p685kfentyle0l2mvysc67yvgct2h4850qqph9lv
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtbHlQZW9YL1pVdS9ldmUw
|
||||
Y1pEMlBOS2JFbnlFTmFOYk9KVWxFMG1EdFY0CmdlY2pqWnVUM3dNWm5NWkg0Q01W
|
||||
MlJRQWlFb3dtRG4zMDFGWVpWYzJ5Z2cKLS0tIG1rUnl4cU9rMDdLOVJMZ3ZVYldu
|
||||
MWtQTFIxWDBYWDIrSmhMQXNpUUcrL2MK7ML57L+Wx9ET14VcSl36jBYj/ITQp5CS
|
||||
txIVmUtD34emknZ84iJK5XakExJu6v/yFSlph+TFtm/dQG+6Dah9mg==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age1z6f643a6vqm7cqh6fna5dhmxfkgwxgqy8kg9s0vf9uxhaswtngtspmqsjw
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhT3hIeUs1aFBvcEpKZjla
|
||||
MWk1UndPS25FYS9UTy91alAxbzlMY253T0NJCmxZZHphM1VoQUVubUNZNW5jTnpp
|
||||
T0pDN3NHRzZaaFFwb09HdzF4WnhhQ0kKLS0tIGNEZmtEY29tV0J3OWg5QTJUcWJ5
|
||||
Z2lUUFZiaUdMSGNueGdMTmgyYXFXZWMKCZKSXjNUYPMQb57njPyojUIy+pFb5wdx
|
||||
kpZRL6E1ymHUdqKv+Y4LjKJl5MndzFc5WX1bgCXNX6Ql2EWfnDyy7w==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age1ar5h06qv72pduau043r04kschwcq0x0lm33wqvxzdh9grmp3cq3sy0ngnz
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxOC9Hem9BQmY0T1VyZjIw
|
||||
cUlkVE1iUC9nM21pSG5WcFRJWjhreWQvMWxnCitET0pDZFlUM3FjV25yNmNVRXBl
|
||||
azR6TFEvbmJ5aWJZQWxIdyt4SFFBT1EKLS0tIEdLVmZhSXZCREl6WWJvbmp5OUs3
|
||||
bHl2SjdmK2hHNXRvZ3lsdEkyRkk4YmsK3jkBYtIm42Rr3elD8I1AGnyv3A6lZ57M
|
||||
6Z7anUS5SlYr2HdHVtQobJeDG8F38kfbWBZQMCDKWayJXy6XAKJAjw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age17rjcght2y5p4ryr76ysnxpy2wff62sml7pyc5udcts48985j05vqpwdfq2
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAybVBTV3RoYm1yOTgvZXpS
|
||||
S0lYcHpuMVBrcDF0bm5ZUSt3NHV3T2p2V2lZCnQ5MVo0VW96TEx1NE91ZlJaUzVT
|
||||
RlhoVWV2QmZsQzUzaThFQytGdzJxaFUKLS0tIEJ3cmV4eVlEZFNVcEFaVzVRQWpD
|
||||
NnByZmhLdHdIYW1HSTFya0IxZWZseUEKXypAIQLljSCj8pF/29LrlFE3zU3cQ+4t
|
||||
krG89BjB8zXwGdoEbT9OqDfV6R8+TpMo+BsDu/4svbUbXEJvSq8+Yg==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2025-11-21T12:34:48Z"
|
||||
mac: ENC[AES256_GCM,data:UmW1iNQEkZmHyt4X8HNtRreCvNiLu/f9wweomWZPSjDQgeIKq8OYy9cWW3gcRQ1/mCLBoZb7GYXF5KDmrzNNah6MdZ3nAl+GXDhoLjSEzqgnVBPaG26zMixNms+QH8u4YxF7tujk35vWYEqiDyUGCRfQSKxXM/nYrEGHJDUrZiI=,iv:5cJ/iGu7OPH0dKP5MkjseUv+l63mlGz856aSyJwNn/o=,tag:NiiYDb1fRKNTFOfTG//eMA==,type:str]
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.11.0
|
||||
|
|
@ -8,8 +8,6 @@ let
|
|||
inherit (config.systemConf) username;
|
||||
inherit (lib) mkForce optionalString;
|
||||
|
||||
geVersion = "10-15";
|
||||
|
||||
memeSelector = pkgs.callPackage ../../../../home/scripts/memeSelector.nix {
|
||||
url = "https://nextcloud.net.dn/public.php/dav/files/pygHoPB5LxDZbeY/";
|
||||
};
|
||||
|
|
@ -97,22 +95,6 @@ in
|
|||
];
|
||||
})
|
||||
];
|
||||
|
||||
home.file = {
|
||||
# Proton GE
|
||||
".steam/root/compatibilitytools.d/GE-Proton${geVersion}" = {
|
||||
source = fetchTarball {
|
||||
url = "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton${geVersion}/GE-Proton${geVersion}.tar.gz";
|
||||
sha256 = "sha256:0iv7vak4a42b5m772gqr6wnarswib6dmybfcdjn3snvwxcb6hbsm";
|
||||
};
|
||||
};
|
||||
".steam/root/compatibilitytools.d/CachyOS-Proton10-0_v3" = {
|
||||
source = fetchTarball {
|
||||
url = "https://github.com/CachyOS/proton-cachyos/releases/download/cachyos-10.0-20250714-slr/proton-cachyos-10.0-20250714-slr-x86_64_v3.tar.xz";
|
||||
sha256 = "sha256:0hp22hkfv3f1p75im3xpif0pmixkq2i3hq3dhllzr2r7l1qx16iz";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,13 +3,14 @@
|
|||
proxy ? true,
|
||||
}:
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
inputs,
|
||||
system,
|
||||
...
|
||||
}:
|
||||
let
|
||||
inherit (pkgs.stdenv.hostPlatform) system;
|
||||
inherit (builtins) toString;
|
||||
inherit (lib) mkIf;
|
||||
|
||||
|
|
|
|||
|
|
@ -1,14 +0,0 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
systemd.services.flatpak-repo = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
path = [ pkgs.flatpak ];
|
||||
script = ''
|
||||
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
|
||||
'';
|
||||
};
|
||||
|
||||
services = {
|
||||
flatpak.enable = true;
|
||||
};
|
||||
}
|
||||
|
|
@ -4,7 +4,9 @@
|
|||
lib,
|
||||
...
|
||||
}:
|
||||
|
||||
let
|
||||
inherit (config.systemConf) username;
|
||||
in
|
||||
{
|
||||
nix = {
|
||||
settings = {
|
||||
|
|
@ -17,12 +19,17 @@
|
|||
|
||||
programs.gamescope.enable = lib.mkDefault true;
|
||||
|
||||
users.users.${username}.extraGroups = [ "gamemode" ];
|
||||
|
||||
programs = {
|
||||
steam = {
|
||||
enable = true;
|
||||
protontricks.enable = true;
|
||||
gamescopeSession.enable = true;
|
||||
extest.enable = true;
|
||||
extraCompatPackages = with pkgs; [
|
||||
proton-ge-bin
|
||||
];
|
||||
remotePlay.openFirewall = true;
|
||||
dedicatedServer.openFirewall = true;
|
||||
localNetworkGameTransfers.openFirewall = true;
|
||||
|
|
|
|||
|
|
@ -1,11 +1,11 @@
|
|||
{
|
||||
pkgs,
|
||||
inputs,
|
||||
system,
|
||||
...
|
||||
}:
|
||||
|
||||
let
|
||||
inherit (pkgs.stdenv.hostPlatform) system;
|
||||
pkgs-hyprland = inputs.hyprland.inputs.nixpkgs.legacyPackages.${system};
|
||||
in
|
||||
{
|
||||
|
|
@ -17,8 +17,8 @@ in
|
|||
package = pkgs-hyprland.mesa;
|
||||
extraPackages = with pkgs; [
|
||||
intel-media-driver # LIBVA_DRIVER_NAME=iHD
|
||||
vaapiVdpau
|
||||
(vaapiIntel.override {
|
||||
libva-vdpau-driver
|
||||
(intel-vaapi-driver.override {
|
||||
enableHybridCodec = true;
|
||||
})
|
||||
libvdpau-va-gl
|
||||
|
|
|
|||
|
|
@ -23,28 +23,6 @@ let
|
|||
cp ${caBundle} resources/config/ca-bundle.crt
|
||||
'';
|
||||
});
|
||||
|
||||
# Patch for downloading models. Hardcoded to `/var/lib/nextcloud/models`
|
||||
recognize = pkgs.stdenvNoCC.mkDerivation (finalAttrs: {
|
||||
pname = "recognize-patched";
|
||||
version = "10.0.4";
|
||||
|
||||
src = pkgs.fetchNextcloudApp {
|
||||
url = "https://github.com/nextcloud/recognize/releases/download/v10.0.4/recognize-10.0.4.tar.gz";
|
||||
sha256 = "sha256-/RHnnvGJMcxe4EuceYc20xh3qkYy1ZzGsyvp0h03eLk=";
|
||||
license = "agpl3Plus";
|
||||
};
|
||||
|
||||
patches = [
|
||||
../../pkgs/patches/nextcloud_recognize_models_path.patch
|
||||
];
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out
|
||||
cp -r . $out/
|
||||
'';
|
||||
});
|
||||
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
|
|
@ -90,14 +68,13 @@ in
|
|||
inherit (config.services.nextcloud.package.packages.apps)
|
||||
contacts
|
||||
calendar
|
||||
tasks
|
||||
whiteboard
|
||||
user_oidc
|
||||
memories
|
||||
recognize # May break
|
||||
recognize
|
||||
;
|
||||
|
||||
# inherit recognize;
|
||||
|
||||
camerarawpreviews = pkgs.fetchNextcloudApp {
|
||||
url = "https://github.com/ariselseng/camerarawpreviews/releases/download/v0.8.8/camerarawpreviews_nextcloud.tar.gz";
|
||||
sha256 = "sha256-Pnjm38hn90oV3l4cPAnQ+oeO6x57iyqkm80jZGqDo1I=";
|
||||
|
|
@ -138,7 +115,7 @@ in
|
|||
services.nextcloud-whiteboard-server = {
|
||||
enable = true;
|
||||
settings = {
|
||||
NEXTCLOUD_URL = "http${optionalString configureACME "s"}://${hostname}";
|
||||
NEXTCLOUD_URL = "http${optionalString https "s"}://${hostname}";
|
||||
PORT = "3002";
|
||||
};
|
||||
secrets = whiteboardSecrets;
|
||||
|
|
|
|||
|
|
@ -4,9 +4,11 @@
|
|||
nix = {
|
||||
settings = {
|
||||
substituters = [
|
||||
"https://yazi.cachix.org"
|
||||
"https://cache.net.dn/dn-main"
|
||||
];
|
||||
trusted-public-keys = [
|
||||
"yazi.cachix.org-1:Dcdz63NZKfvUCbDGngQDAZq6kOroIrFoyO064uvLh8k="
|
||||
"dn-main:ZjQmZEOWpe0TjZgHGwkgtPdOUXpN82RL9wy30EW1V7k="
|
||||
];
|
||||
warn-dirty = false;
|
||||
|
|
|
|||
|
|
@ -88,7 +88,7 @@ lib.checkListOfEnum "Nvidia Prime Mode" validModes [ nvidia-mode ] {
|
|||
enable32Bit = true;
|
||||
extraPackages = with pkgs; [
|
||||
nvidia-vaapi-driver
|
||||
vaapiVdpau
|
||||
libva-vdpau-driver
|
||||
libvdpau-va-gl
|
||||
];
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,9 +1,11 @@
|
|||
{
|
||||
pkgs,
|
||||
inputs,
|
||||
system,
|
||||
...
|
||||
}:
|
||||
let
|
||||
inherit (pkgs.stdenv.hostPlatform) system;
|
||||
in
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
file
|
||||
|
|
@ -31,7 +33,7 @@
|
|||
p7zip
|
||||
killall
|
||||
zip
|
||||
glxinfo # OpenGL info
|
||||
mesa-demos # OpenGL info
|
||||
pciutils # PCI info
|
||||
xdotool # Keyboard input simulation
|
||||
ffmpeg # Video encoding
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ in
|
|||
};
|
||||
PAPERLESS_URL = "http${optionalString configureNginx "s"}://${domain}";
|
||||
};
|
||||
configureTika = true;
|
||||
configureTika = false;
|
||||
database.createLocally = true;
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -6,11 +6,9 @@
|
|||
../auto-mount.nix
|
||||
../bluetooth.nix
|
||||
../display-manager.nix
|
||||
../flatpak.nix
|
||||
../obs-studio.nix
|
||||
../plymouth.nix
|
||||
../polkit.nix
|
||||
../security.nix
|
||||
../hyprland.nix
|
||||
];
|
||||
|
||||
|
|
|
|||
|
|
@ -17,5 +17,6 @@
|
|||
../ca.nix
|
||||
../sops-nix.nix
|
||||
../gc.nix
|
||||
../security.nix
|
||||
];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -12,13 +12,6 @@
|
|||
];
|
||||
|
||||
programs = {
|
||||
gnupg = {
|
||||
agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
};
|
||||
};
|
||||
|
||||
neovim = {
|
||||
enable = true;
|
||||
configure = {
|
||||
|
|
|
|||
|
|
@ -1,12 +1,34 @@
|
|||
{ pkgs, ... }:
|
||||
{ pkgs, config, ... }:
|
||||
|
||||
{
|
||||
services.udev.packages = [ pkgs.yubikey-personalization ];
|
||||
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
};
|
||||
|
||||
security.sudo-rs = {
|
||||
enable = true;
|
||||
execWheelOnly = true;
|
||||
extraConfig = ''
|
||||
Defaults timestamp_timeout=0
|
||||
'';
|
||||
};
|
||||
|
||||
security.sudo.enable = !config.security.sudo-rs.enable;
|
||||
|
||||
# ==== PAM u2f ===== #
|
||||
# $ nix shell nixpkgs#pam_u2f
|
||||
# $ mkdir -p ~/.config/Yubico
|
||||
# $ pamu2fcfg > ~/.config/Yubico/u2f_keys
|
||||
security.pam = {
|
||||
services.hyprlock = { };
|
||||
services.hyprlock = {
|
||||
u2fAuth = false;
|
||||
};
|
||||
services = {
|
||||
sudo.u2fAuth = true;
|
||||
login.u2fAuth = true;
|
||||
};
|
||||
|
||||
u2f = {
|
||||
|
|
@ -16,7 +38,5 @@
|
|||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
yubikey-manager
|
||||
];
|
||||
programs.yubikey-manager.enable = true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,10 +1,9 @@
|
|||
{
|
||||
adminPassFile,
|
||||
dbPassFile,
|
||||
dkimKey,
|
||||
ldapConf,
|
||||
domain ? null,
|
||||
acmeConf ? null,
|
||||
acmeConfs ? null,
|
||||
certs ? null,
|
||||
enableNginx ? true,
|
||||
}:
|
||||
{
|
||||
|
|
@ -16,15 +15,6 @@ let
|
|||
inherit (lib) mkIf;
|
||||
|
||||
logFilePath = "${config.services.stalwart-mail.dataDir}/logs";
|
||||
mkCondition = (
|
||||
condition: ithen: ielse: [
|
||||
{
|
||||
"if" = condition;
|
||||
"then" = ithen;
|
||||
}
|
||||
{ "else" = ielse; }
|
||||
]
|
||||
);
|
||||
in
|
||||
{
|
||||
services.postgresql = {
|
||||
|
|
@ -104,7 +94,8 @@ in
|
|||
hostname = "mx1.${domain}";
|
||||
domain = "${domain}";
|
||||
};
|
||||
acme."letsencrypt" = mkIf (acmeConf != null) acmeConf;
|
||||
acme = mkIf (acmeConfs != null) acmeConfs;
|
||||
certificate = mkIf (certs != null) certs;
|
||||
|
||||
directory = {
|
||||
"in-memory" = {
|
||||
|
|
@ -120,9 +111,10 @@ in
|
|||
};
|
||||
"ldap" = ldapConf;
|
||||
imap.lookup.domains = [
|
||||
domain
|
||||
"mx1.${domain}"
|
||||
];
|
||||
};
|
||||
|
||||
authentication.fallback-admin = {
|
||||
user = "admin";
|
||||
secret = "%{file:${adminPassFile}}%";
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ in
|
|||
monospace = caskaydia;
|
||||
|
||||
emoji = {
|
||||
package = pkgs.noto-fonts-emoji;
|
||||
package = pkgs.noto-fonts-color-emoji;
|
||||
name = "Noto Color Emoji";
|
||||
};
|
||||
|
||||
|
|
@ -47,7 +47,7 @@ in
|
|||
jetbrains-mono
|
||||
noto-fonts-cjk-sans
|
||||
noto-fonts-cjk-serif
|
||||
noto-fonts-emoji
|
||||
noto-fonts-color-emoji
|
||||
liberation_ttf
|
||||
# dfkai-sb
|
||||
sf-pro-display-bold
|
||||
|
|
|
|||
|
|
@ -33,7 +33,9 @@
|
|||
services.nginx.virtualHosts.${domain} = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/".proxyPass =
|
||||
"http://localhost:${toString config.services.vaultwarden.config.ROCKET_PORT}/";
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:${toString config.services.vaultwarden.config.ROCKET_PORT}/";
|
||||
proxyWebsockets = true;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,11 +1,25 @@
|
|||
{
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{
|
||||
virtualisation = {
|
||||
docker.enable = true;
|
||||
docker.daemon.settings = {
|
||||
containers = {
|
||||
enable = true;
|
||||
containersConf.settings.compose_warning_logs = false;
|
||||
};
|
||||
oci-containers.backend = "podman";
|
||||
podman = {
|
||||
enable = true;
|
||||
dockerCompat = true;
|
||||
defaultNetwork.settings.dns_enabled = true;
|
||||
};
|
||||
spiceUSBRedirection.enable = true;
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
dive # look into docker image layers
|
||||
podman-tui
|
||||
podman-compose
|
||||
];
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue